From a83099a60ffda10fa2af85f1c5a141610ffbb2b6 Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Thu, 31 Jan 2008 04:44:27 -0800 Subject: [PATCH] [NETFILTER]: nf_conntrack_netlink: transmit mark during all events The following feature was submitted some months ago. It forces the dump of mark during the connection destruction event. The induced load is quiet small and the patch is usefull to provide an easy way to filter event on user side without having to keep an hash in userspace. Signed-off-by: Eric Leblond Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nf_conntrack_netlink.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index bf86fdd89f..4a1b42b2b7 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -491,11 +491,6 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, && ctnetlink_dump_helpinfo(skb, ct) < 0) goto nla_put_failure; -#ifdef CONFIG_NF_CONNTRACK_MARK - if ((events & IPCT_MARK || ct->mark) - && ctnetlink_dump_mark(skb, ct) < 0) - goto nla_put_failure; -#endif #ifdef CONFIG_NF_CONNTRACK_SECMARK if ((events & IPCT_SECMARK || ct->secmark) && ctnetlink_dump_secmark(skb, ct) < 0) @@ -516,6 +511,12 @@ static int ctnetlink_conntrack_event(struct notifier_block *this, goto nla_put_failure; } +#ifdef CONFIG_NF_CONNTRACK_MARK + if ((events & IPCT_MARK || ct->mark) + && ctnetlink_dump_mark(skb, ct) < 0) + goto nla_put_failure; +#endif + nlh->nlmsg_len = skb->tail - b; nfnetlink_send(skb, 0, group, 0); return NOTIFY_DONE; -- 2.39.5