summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2011-12-14 13:01:32 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2011-12-18 01:31:49 +0100
commitc4042a339f40fe00d85e31055b1c0808dd025539 (patch)
tree0a32ceb3fe5399323f314ff17b07166f7a74cac7
parentnetfilter: ctnetlink: use expect instead of master tuple in get operation (diff)
downloadlinux-c4042a339f40fe00d85e31055b1c0808dd025539.tar.xz
linux-c4042a339f40fe00d85e31055b1c0808dd025539.zip
netfilter: ctnetlink: support individual atomic-get-and-reset of counters
This allows to use the get operation to atomically get-and-reset counters. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--net/netfilter/nf_conntrack_netlink.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 77d209c235a0..636617ccfe25 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1015,6 +1015,17 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb,
if (err < 0)
goto out;
+ if (NFNL_MSG_TYPE(nlh->nlmsg_type) == IPCTNL_MSG_CT_GET_CTRZERO) {
+ struct nf_conn_counter *acct;
+
+ acct = nf_conn_acct_find(ct);
+ if (acct) {
+ atomic64_set(&acct[IP_CT_DIR_ORIGINAL].bytes, 0);
+ atomic64_set(&acct[IP_CT_DIR_ORIGINAL].packets, 0);
+ atomic64_set(&acct[IP_CT_DIR_REPLY].bytes, 0);
+ atomic64_set(&acct[IP_CT_DIR_REPLY].packets, 0);
+ }
+ }
return 0;
free: