Hi, Le mercredi 18 juillet 2012 à 08:10 -0700, Gomathivinayagam Muthuvinayagam a écrit : > Hi, > > Currently NFCT supports polling mode, but polling mode only propagates > the message to output plugin during DESTROY event. > This is a problem for long living connections, since I want to know > the amount of data transfer before the destroy event. For accounting, you may want to look NFACCT. For more information, you can read my recent blog post: https://home.regit.org/2012/07/flow-accounting-with-netfilter-and-ulogd2/ > After getting a quick walk through on NFCT plugin code, It seems I > have to change the do_purge method, which is called in a regular time > interval. > > I came with the following updates in the code (I added the else block only). > > > static int do_purge(void *data1, void *data2) > { > int ret; > struct ulogd_pluginstance *upi = data1; > struct ct_timestamp *ts = data2; > struct nfct_pluginstance *cpi = > (struct nfct_pluginstance *) upi->private; > > ulogd_log(ULOGD_NOTICE,"Inside do_purge method\n"); > > /* if it is not in kernel anymore, purge it */ > ret = nfct_query(cpi->pgh, NFCT_Q_GET, ts->ct); > if (ret == -1 && errno == ENOENT) { > do_propagate_ct(upi, ts->ct, NFCT_T_DESTROY, ts); > hashtable_del(cpi->ct_active, &ts->hashnode); > nfct_destroy(ts->ct); > free(ts); > } > else // Added code > { > do_propagate_ct(upi, ts->ct,NFCT_T_UPDATE,ts); > } > > return 0; > } > > The else part propagates a flow eventhough there were no updates > happened to the flow. Could you help somone here, I would like to > propagate about the updates of a connection, if there was a change > happened to the long living connection. Is this correct approach? > > My intuition, I have to call nfct_cmp method by passing the local hash > table connection, and the available connection in the kernel. If they > are same, then there were no updates happened to the connection, > otherwise I will propagate the details of the particular connection. > > Thanks & Regards, > -- > To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Eric Leblond Blog: http://home.regit.org/ - Portfolio: http://regit.500px.com/
Attachment:
signature.asc
Description: This is a digitally signed message part
