packages: ulogd/ulogd-git_fixes.patch (NEW) - fixes from upstream
hawk
hawk at pld-linux.org
Mon Sep 21 13:49:32 CEST 2009
Author: hawk Date: Mon Sep 21 11:49:32 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- fixes from upstream
---- Files affected:
packages/ulogd:
ulogd-git_fixes.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/ulogd/ulogd-git_fixes.patch
diff -u /dev/null packages/ulogd/ulogd-git_fixes.patch:1.1
--- /dev/null Mon Sep 21 13:49:32 2009
+++ packages/ulogd/ulogd-git_fixes.patch Mon Sep 21 13:49:26 2009
@@ -0,0 +1,846 @@
+diff -urN ulogd-2.0.0beta3.orig/doc/mysql-ulogd2-flat.sql ulogd-2.0.0beta3/doc/mysql-ulogd2-flat.sql
+--- ulogd-2.0.0beta3.orig/doc/mysql-ulogd2-flat.sql 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/doc/mysql-ulogd2-flat.sql 2009-09-17 21:35:22.000000000 +0200
+@@ -107,19 +107,19 @@
+
+ DROP VIEW IF EXISTS `view_tcp`;
+ CREATE SQL SECURITY INVOKER VIEW `view_tcp` AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 6;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 6;
+
+ DROP VIEW IF EXISTS `view_udp`;
+ CREATE SQL SECURITY INVOKER VIEW `view_udp` AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 17;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 17;
+
+ DROP VIEW IF EXISTS `view_icmp`;
+ CREATE SQL SECURITY INVOKER VIEW `view_icmp` AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 1;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 1;
+
+ DROP VIEW IF EXISTS `view_icmpv6`;
+ CREATE SQL SECURITY INVOKER VIEW `view_icmpv6` AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 58;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 58;
+
+ -- ulog view
+ DROP VIEW IF EXISTS `ulog`;
+@@ -222,11 +222,11 @@
+
+ DROP VIEW IF EXISTS `view_tcp_quad`;
+ CREATE SQL SECURITY INVOKER VIEW `view_tcp_quad` AS
+- SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,tcp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.oob_family = 6;
++ SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,tcp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.ip_protocol = 6;
+
+ DROP VIEW IF EXISTS `view_udp_quad`;
+ CREATE SQL SECURITY INVOKER VIEW `view_udp_quad` AS
+- SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,udp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.oob_family = 17;
++ SELECT _id,BIN_TO_IPV6(ip_saddr_bin) AS ip_saddr_str,udp_sport,BIN_TO_IPV6(ip_daddr_bin) AS ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.ip_protocol = 17;
+
+
+
+diff -urN ulogd-2.0.0beta3.orig/doc/pgsql-ulogd2-flat.sql ulogd-2.0.0beta3/doc/pgsql-ulogd2-flat.sql
+--- ulogd-2.0.0beta3.orig/doc/pgsql-ulogd2-flat.sql 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/doc/pgsql-ulogd2-flat.sql 2009-09-17 21:35:22.000000000 +0200
+@@ -108,16 +108,16 @@
+ --
+
+ CREATE OR REPLACE VIEW view_tcp AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 6;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 6;
+
+ CREATE OR REPLACE VIEW view_udp AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 17;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 17;
+
+ CREATE OR REPLACE VIEW view_icmp AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 1;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 1;
+
+ CREATE OR REPLACE VIEW view_icmpv6 AS
+- SELECT * FROM ulog2 WHERE ulog2.oob_family = 58;
++ SELECT * FROM ulog2 WHERE ulog2.ip_protocol = 58;
+
+ -- complete view
+ CREATE OR REPLACE VIEW ulog AS
+@@ -179,10 +179,10 @@
+
+ -- shortcuts
+ CREATE OR REPLACE VIEW view_tcp_quad AS
+- SELECT _id,ip_saddr_str,tcp_sport,ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.oob_family = 6;
++ SELECT _id,ip_saddr_str,tcp_sport,ip_daddr_str,tcp_dport FROM ulog2 WHERE ulog2.ip_protocol = 6;
+
+ CREATE OR REPLACE VIEW view_udp_quad AS
+- SELECT _id,ip_saddr_str,udp_sport,ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.oob_family = 17;
++ SELECT _id,ip_saddr_str,udp_sport,ip_daddr_str,udp_dport FROM ulog2 WHERE ulog2.ip_protocol = 17;
+
+ --
+ -- conntrack
+diff -urN ulogd-2.0.0beta3.orig/doc/ulogd.sgml ulogd-2.0.0beta3/doc/ulogd.sgml
+--- ulogd-2.0.0beta3.orig/doc/ulogd.sgml 2008-09-12 00:06:46.000000000 +0200
++++ ulogd-2.0.0beta3/doc/ulogd.sgml 2009-09-17 21:35:22.000000000 +0200
+@@ -6,7 +6,7 @@
+
+ <title>ULOGD 2.x - the Netfilter Userspace Logging Daemon</title>
+ <author>Harald Welte <laforge at netfilter.org>, Eric Leblond <eric at inl.fr></author>
+-<date>Revision 2008/09/03</date>
++<date>Revision 2009/04/18</date>
+
+ <abstract>
+ This is the documentation for <tt>ulogd-2.x</tt>, the second generation
+@@ -464,6 +464,14 @@
+ <tag>procedure</tag>
+ Stored procedure that will be run with the argument specified in the
+ table variable.
++Behaviour of the procedure option can be twitted by using specific name.
++If procedure name is:
++<itemize>
++<item>"INSERT": A classic INSERT SQL query is done in the table pointed by the
++ "table" variable.</item>
++<item>start with "INSERT ": Configuration has to specify the start of the INSERT query that will be used. For example,
++a typical value is "INSERT INTO ulog2".</item>
++</itemize>
+ <tag>db</tag>
+ Name of the mysql database.
+ <tag>host</tag>
+diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_HWHDR.c ulogd-2.0.0beta3/filter/ulogd_filter_HWHDR.c
+--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_HWHDR.c 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/filter/ulogd_filter_HWHDR.c 2009-09-17 21:35:22.000000000 +0200
+@@ -31,6 +31,8 @@
+ #include <linux/if_ether.h>
+ #include <ulogd/ulogd.h>
+
++#define HWADDR_LENGTH 128
++
+ enum input_keys {
+ KEY_RAW_TYPE,
+ KEY_OOB_PROTOCOL,
+@@ -44,8 +46,10 @@
+ KEY_MAC_TYPE,
+ KEY_MAC_PROTOCOL,
+ KEY_MAC_SADDR,
++ START_KEY = KEY_MAC_SADDR,
+ KEY_MAC_DADDR,
+ KEY_MAC_ADDR,
++ MAX_KEY = KEY_MAC_ADDR,
+ };
+
+ static struct ulogd_key mac2str_inp[] = {
+@@ -94,42 +98,38 @@
+ },
+ [KEY_MAC_SADDR] = {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "mac.saddr.str",
+ },
+ [KEY_MAC_DADDR] = {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "mac.daddr.str",
+ },
+ [KEY_MAC_ADDR] = {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "mac.str",
+ },
+ };
+
++static char hwmac_str[MAX_KEY - START_KEY][HWADDR_LENGTH];
++
+ static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac,
+ int okey, int len)
+ {
+- char *mac_str;
+ char *buf_cur;
+ int i;
+
+- if (len > 0)
+- mac_str = calloc(len/sizeof(char)*3 + 1, sizeof(char));
+- else
+- mac_str = strdup("");
+-
+- if (mac_str == NULL)
++ if (len/sizeof(char)*3 + 1 > HWADDR_LENGTH)
+ return ULOGD_IRET_ERR;
+
+- buf_cur = mac_str;
++ if (len == 0)
++ hwmac_str[okey - START_KEY][0] = 0;
++
++ buf_cur = hwmac_str[okey - START_KEY];
+ for (i = 0; i < len; i++)
+ buf_cur += sprintf(buf_cur, "%02x%c", mac[i],
+ i == len - 1 ? 0 : ':');
+
+- okey_set_ptr(&ret[okey], mac_str);
++ okey_set_ptr(&ret[okey], hwmac_str[okey - START_KEY]);
+
+ return ULOGD_IRET_OK;
+ }
+diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IFINDEX.c ulogd-2.0.0beta3/filter/ulogd_filter_IFINDEX.c
+--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IFINDEX.c 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/filter/ulogd_filter_IFINDEX.c 2009-09-17 21:35:22.000000000 +0200
+@@ -30,12 +30,14 @@
+ static struct ulogd_key ifindex_keys[] = {
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_NONE | ULOGD_RETF_FREE,
++ .len = IFNAMSIZ,
++ .flags = ULOGD_RETF_NONE,
+ .name = "oob.in",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_NONE | ULOGD_RETF_FREE,
++ .len = IFNAMSIZ,
++ .flags = ULOGD_RETF_NONE,
+ .name = "oob.out",
+ },
+ };
+@@ -62,25 +64,18 @@
+ {
+ struct ulogd_key *ret = pi->output.keys;
+ struct ulogd_key *inp = pi->input.keys;
+- void *ptr;
++ static char indev[IFNAMSIZ];
++ static char outdev[IFNAMSIZ];
+
+- ptr = calloc(IFNAMSIZ, sizeof(char));
+- if (!ptr)
+- return ULOGD_IRET_ERR;
+-
+- nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), ptr);
+- if (((char *)ptr)[0] == '*')
+- ((char *)(ptr))[0] = 0;
+- okey_set_ptr(&ret[0], ptr);
+-
+- ptr = calloc(IFNAMSIZ, sizeof(char));
+- if (!ptr)
+- return ULOGD_IRET_ERR;
+-
+- nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), ptr);
+- if (((char *)ptr)[0] == '*')
+- ((char *)(ptr))[0] = 0;
+- okey_set_ptr(&ret[1], ptr);
++ nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), indev);
++ if (indev[0] == '*')
++ indev[0] = 0;
++ okey_set_ptr(&ret[0], indev);
++
++ nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), outdev);
++ if (outdev[0] == '*')
++ outdev[0] = 0;
++ okey_set_ptr(&ret[1], outdev);
+
+ return ULOGD_IRET_OK;
+ }
+diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2BIN.c ulogd-2.0.0beta3/filter/ulogd_filter_IP2BIN.c
+--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2BIN.c 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/filter/ulogd_filter_IP2BIN.c 2009-09-17 21:35:22.000000000 +0200
+@@ -27,11 +27,13 @@
+ #include <string.h>
+ #include <arpa/inet.h>
+ #include <ulogd/ulogd.h>
++#include <netinet/if_ether.h>
+
+ #define IPADDR_LENGTH 128
+
+ enum input_keys {
+ KEY_OOB_FAMILY,
++ KEY_OOB_PROTOCOL,
+ KEY_IP_SADDR,
+ START_KEY = KEY_IP_SADDR,
+ KEY_IP_DADDR,
+@@ -83,37 +85,33 @@
+ static struct ulogd_key ip2bin_keys[] = {
+ {
+ .type = ULOGD_RET_RAWSTR,
+- .flags = ULOGD_RETF_FREE,
+ .name = "ip.saddr.bin",
+ },
+ {
+ .type = ULOGD_RET_RAWSTR,
+- .flags = ULOGD_RETF_FREE,
+ .name = "ip.daddr.bin",
+ },
+ {
+ .type = ULOGD_RET_RAWSTR,
+- .flags = ULOGD_RETF_FREE,
+ .name = "orig.ip.saddr.bin",
+ },
+ {
+ .type = ULOGD_RET_RAWSTR,
+- .flags = ULOGD_RETF_FREE,
+ .name = "orig.ip.daddr.bin",
+ },
+ {
+ .type = ULOGD_RET_RAWSTR,
+- .flags = ULOGD_RETF_FREE,
+ .name = "reply.ip.saddr.bin",
+ },
+ {
+ .type = ULOGD_RET_RAWSTR,
+- .flags = ULOGD_RETF_FREE,
+ .name = "reply.ip.daddr.bin",
+ },
+
+ };
+
++static char ipbin_array[MAX_KEY-START_KEY][IPADDR_LENGTH];
++
+ /**
+ * Convert IPv4 address (as 32-bit unsigned integer) to IPv6 address:
+ * add 96 bits prefix "::ffff:" to get IPv6 address "::ffff:a.b.c.d".
+@@ -126,16 +124,40 @@
+ ipv6->s6_addr32[3] = ipv4;
+ }
+
+-static char *ip2bin(struct ulogd_key* inp, int index, char family)
++static int ip2bin(struct ulogd_key* inp, int index, int oindex)
+ {
+- char tmp[IPADDR_LENGTH];
++ char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
++ char convfamily = family;
+ unsigned char *addr8;
+ struct in6_addr *addr;
+ struct in6_addr ip4_addr;
+ char *buffer;
+ int i, written;
+
+- switch (family) {
++ if (family == AF_BRIDGE) {
++ if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
++ ulogd_log(ULOGD_NOTICE,
++ "No protocol inside AF_BRIDGE packet\n");
++ return ULOGD_IRET_ERR;
++ }
++ switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
++ case ETH_P_IPV6:
++ convfamily = AF_INET6;
++ break;
++ case ETH_P_IP:
++ convfamily = AF_INET;
++ break;
++ case ETH_P_ARP:
++ convfamily = AF_INET;
++ break;
++ default:
++ ulogd_log(ULOGD_NOTICE,
++ "Unknown protocol inside AF_BRIDGE packet\n");
++ return ULOGD_IRET_ERR;
++ }
++ }
++
++ switch (convfamily) {
+ case AF_INET6:
+ addr = (struct in6_addr *)ikey_get_u128(&inp[index]);
+ break;
+@@ -147,10 +169,10 @@
+ default:
+ /* TODO handle error */
+ ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n");
+- return NULL;
++ return ULOGD_IRET_ERR;
+ }
+
+- buffer = tmp;
++ buffer = ipbin_array[oindex];
+ /* format IPv6 to BINARY(16) as "0x..." */
+ buffer[0] = '0';
+ buffer[1] = 'x';
+@@ -161,14 +183,14 @@
+ addr8[0], addr8[1], addr8[2], addr8[3]);
+ if (written != 2 * 4) {
+ buffer[0] = 0;
+- return NULL;
++ return ULOGD_IRET_ERR;
+ }
+ buffer += written;
+ addr8 += 4;
+ }
+ buffer[0] = 0;
+
+- return strdup(tmp);
++ return ULOGD_IRET_OK;
+ }
+
+ static int interp_ip2bin(struct ulogd_pluginstance *pi)
+@@ -176,12 +198,16 @@
+ struct ulogd_key *ret = pi->output.keys;
+ struct ulogd_key *inp = pi->input.keys;
+ int i;
+- int oob_family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
++ int fret;
+
+ /* Iter on all addr fields */
+ for(i = START_KEY; i < MAX_KEY; i++) {
+ if (pp_is_valid(inp, i)) {
+- okey_set_ptr(&ret[i-1], ip2bin(inp, i, oob_family));
++ fret = ip2bin(inp, i, i-START_KEY);
++ if (fret != ULOGD_IRET_OK)
++ return fret;
++ okey_set_ptr(&ret[i-START_KEY],
++ ipbin_array[i-START_KEY]);
+ }
+ }
+
+diff -urN ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2STR.c ulogd-2.0.0beta3/filter/ulogd_filter_IP2STR.c
+--- ulogd-2.0.0beta3.orig/filter/ulogd_filter_IP2STR.c 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/filter/ulogd_filter_IP2STR.c 2009-09-17 21:35:22.000000000 +0200
+@@ -102,49 +102,42 @@
+ static struct ulogd_key ip2str_keys[] = {
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "ip.saddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "ip.daddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "orig.ip.saddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "orig.ip.daddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "reply.ip.saddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "reply.ip.daddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "arp.saddr.str",
+ },
+ {
+ .type = ULOGD_RET_STRING,
+- .flags = ULOGD_RETF_FREE,
+ .name = "arp.daddr.str",
+ },
+ };
+
+-static char *ip2str(struct ulogd_key *inp, int index)
++static char ipstr_array[MAX_KEY-START_KEY][IPADDR_LENGTH];
++
++static int ip2str(struct ulogd_key *inp, int index, int oindex)
+ {
+- char tmp[IPADDR_LENGTH];
+ char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
+ char convfamily = family;
+
+@@ -152,7 +145,7 @@
+ if (!pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
+ ulogd_log(ULOGD_NOTICE,
+ "No protocol inside AF_BRIDGE packet\n");
+- return NULL;
++ return ULOGD_IRET_ERR;
+ }
+ switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
+ case ETH_P_IPV6:
+@@ -167,7 +160,7 @@
+ default:
+ ulogd_log(ULOGD_NOTICE,
+ "Unknown protocol inside AF_BRIDGE packet\n");
+- return NULL;
++ return ULOGD_IRET_ERR;
+ }
+ }
+
+@@ -176,18 +169,19 @@
+ case AF_INET6:
+ inet_ntop(AF_INET6,
+ ikey_get_u128(&inp[index]),
+- tmp, sizeof(tmp));
++ ipstr_array[oindex], sizeof(ipstr_array[oindex]));
+ break;
+ case AF_INET:
+ ip = ikey_get_u32(&inp[index]);
+- inet_ntop(AF_INET, &ip, tmp, sizeof(tmp));
++ inet_ntop(AF_INET, &ip,
++ ipstr_array[oindex], sizeof(ipstr_array[oindex]));
+ break;
+ default:
+ /* TODO error handling */
+ ulogd_log(ULOGD_NOTICE, "Unknown protocol family\n");
+- return NULL;
++ return ULOGD_IRET_ERR;
+ }
+- return strdup(tmp);
++ return ULOGD_IRET_OK;
+ }
+
+ static int interp_ip2str(struct ulogd_pluginstance *pi)
+@@ -195,11 +189,16 @@
+ struct ulogd_key *ret = pi->output.keys;
+ struct ulogd_key *inp = pi->input.keys;
+ int i;
++ int fret;
+
+ /* Iter on all addr fields */
+ for (i = START_KEY; i <= MAX_KEY; i++) {
+ if (pp_is_valid(inp, i)) {
+- okey_set_ptr(&ret[i-START_KEY], ip2str(inp, i));
++ fret = ip2str(inp, i, i-START_KEY);
++ if (fret != ULOGD_IRET_OK)
++ return fret;
++ okey_set_ptr(&ret[i-START_KEY],
++ ipstr_array[i-START_KEY]);
+ }
+ }
+
+diff -urN ulogd-2.0.0beta3.orig/include/ulogd/ulogd.h ulogd-2.0.0beta3/include/ulogd/ulogd.h
+--- ulogd-2.0.0beta3.orig/include/ulogd/ulogd.h 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/include/ulogd/ulogd.h 2009-09-17 21:35:22.000000000 +0200
+@@ -19,6 +19,7 @@
+ #include <signal.h> /* need this because of extension-sighandler */
+ #include <sys/types.h>
+ #include <string.h>
++#include <config.h>
+
+ #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+
+diff -urN ulogd-2.0.0beta3.orig/input/flow/ulogd_inpflow_NFCT.c ulogd-2.0.0beta3/input/flow/ulogd_inpflow_NFCT.c
+--- ulogd-2.0.0beta3.orig/input/flow/ulogd_inpflow_NFCT.c 2009-03-06 18:54:04.000000000 +0100
++++ ulogd-2.0.0beta3/input/flow/ulogd_inpflow_NFCT.c 2009-09-17 21:35:22.000000000 +0200
+@@ -114,6 +114,12 @@
+ .options = CONFIG_OPT_NONE,
+ .u.value = 0,
+ },
++ {
++ .key = "netlink_resync_timeout",
++ .type = CONFIG_TYPE_INT,
++ .options = CONFIG_OPT_NONE,
++ .u.value = 60,
++ },
+ },
+ };
+ #define pollint_ce(x) (x->ces[0])
+@@ -123,6 +129,7 @@
+ #define eventmask_ce(x) (x->ces[4])
+ #define nlsockbufsize_ce(x) (x->ces[5])
+ #define nlsockbufmaxsize_ce(x) (x->ces[6])
++#define nlresynctimeout_ce(x) (x->ces[7])
+
+ enum nfct_keys {
+ NFCT_ORIG_IP_SADDR = 0,
+@@ -596,6 +603,9 @@
+ switch(type) {
+ case NFCT_T_NEW:
+ ts = hashtable_add(cpi->ct_active, &tmp);
++ if (ts == NULL)
++ return NFCT_CB_CONTINUE;
++
+ gettimeofday(&ts->time[START], NULL);
+ return NFCT_CB_STOLEN;
+ case NFCT_T_UPDATE:
+@@ -604,6 +614,9 @@
+ nfct_copy(ts->ct, ct, NFCT_CP_META);
+ else {
+ ts = hashtable_add(cpi->ct_active, &tmp);
++ if (ts == NULL)
++ return NFCT_CB_CONTINUE;
++
+ gettimeofday(&ts->time[START], NULL);
+ return NFCT_CB_STOLEN;
+ }
+@@ -637,12 +650,18 @@
+ {
+ struct nfct_pluginstance *cpi =
+ (struct nfct_pluginstance *)upi->private;
++ static int warned = 0;
+
+ if (size < nlsockbufmaxsize_ce(upi->config_kset).u.value) {
+ cpi->nlbufsiz = nfnl_rcvbufsiz(nfct_nfnlh(cpi->cth), size);
+ return 1;
+ }
+
++ /* we have already warned the user, do not keep spamming */
++ if (warned)
++ return 0;
++
++ warned = 1;
+ ulogd_log(ULOGD_NOTICE, "Maximum buffer size (%d) in NFCT has been "
+ "reached. Please, consider rising "
+ "`netlink_socket_buffer_size` and "
+@@ -657,14 +676,13 @@
+ struct ulogd_pluginstance *upi = container_of(param,
+ struct ulogd_pluginstance,
+ private);
++ static int warned = 0;
+
+ if (!(what & ULOGD_FD_READ))
+ return 0;
+
+ if (nfct_catch(cpi->cth) == -1) {
+ if (errno == ENOBUFS) {
+- int family = AF_UNSPEC;
+-
+ if (nlsockbufmaxsize_ce(upi->config_kset).u.value) {
+ int s = cpi->nlbufsiz * 2;
<<Diff was trimmed, longer than 597 lines>>
More information about the pld-cvs-commit
mailing list