netfilter: ctnetlink: account both directions in one step

With the intent to dump other accounting data later.
This patch is a cleanup.

Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Holger Eitzenberger 2013-09-26 17:31:52 +02:00 committed by Pablo Neira Ayuso
parent f7b13e4330
commit 4542fa4727
1 changed files with 24 additions and 25 deletions

View File

@ -211,13 +211,23 @@ nla_put_failure:
} }
static int static int
dump_counters(struct sk_buff *skb, u64 pkts, u64 bytes, dump_counters(struct sk_buff *skb, struct nf_conn_acct *acct,
enum ip_conntrack_dir dir) enum ip_conntrack_dir dir, int type)
{ {
enum ctattr_type type = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG; enum ctattr_type attr = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG;
struct nf_conn_counter *counter = acct->counter;
struct nlattr *nest_count; struct nlattr *nest_count;
u64 pkts, bytes;
nest_count = nla_nest_start(skb, type | NLA_F_NESTED); if (type == IPCTNL_MSG_CT_GET_CTRZERO) {
pkts = atomic64_xchg(&counter[dir].packets, 0);
bytes = atomic64_xchg(&counter[dir].bytes, 0);
} else {
pkts = atomic64_read(&counter[dir].packets);
bytes = atomic64_read(&counter[dir].bytes);
}
nest_count = nla_nest_start(skb, attr | NLA_F_NESTED);
if (!nest_count) if (!nest_count)
goto nla_put_failure; goto nla_put_failure;
@ -234,26 +244,19 @@ nla_put_failure:
} }
static int static int
ctnetlink_dump_counters(struct sk_buff *skb, const struct nf_conn *ct, ctnetlink_dump_acct(struct sk_buff *skb, const struct nf_conn *ct, int type)
enum ip_conntrack_dir dir, int type)
{ {
struct nf_conn_acct *acct; struct nf_conn_acct *acct = nf_conn_acct_find(ct);
struct nf_conn_counter *counter;
u64 pkts, bytes;
acct = nf_conn_acct_find(ct);
if (!acct) if (!acct)
return 0; return 0;
counter = acct->counter; if (dump_counters(skb, acct, IP_CT_DIR_ORIGINAL, type) < 0)
if (type == IPCTNL_MSG_CT_GET_CTRZERO) { return -1;
pkts = atomic64_xchg(&counter[dir].packets, 0); if (dump_counters(skb, acct, IP_CT_DIR_REPLY, type) < 0)
bytes = atomic64_xchg(&counter[dir].bytes, 0); return -1;
} else {
pkts = atomic64_read(&counter[dir].packets); return 0;
bytes = atomic64_read(&counter[dir].bytes);
}
return dump_counters(skb, pkts, bytes, dir);
} }
static int static int
@ -490,8 +493,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
if (ctnetlink_dump_status(skb, ct) < 0 || if (ctnetlink_dump_status(skb, ct) < 0 ||
ctnetlink_dump_timeout(skb, ct) < 0 || ctnetlink_dump_timeout(skb, ct) < 0 ||
ctnetlink_dump_counters(skb, ct, IP_CT_DIR_ORIGINAL, type) < 0 || ctnetlink_dump_acct(skb, ct, type) < 0 ||
ctnetlink_dump_counters(skb, ct, IP_CT_DIR_REPLY, type) < 0 ||
ctnetlink_dump_timestamp(skb, ct) < 0 || ctnetlink_dump_timestamp(skb, ct) < 0 ||
ctnetlink_dump_protoinfo(skb, ct) < 0 || ctnetlink_dump_protoinfo(skb, ct) < 0 ||
ctnetlink_dump_helpinfo(skb, ct) < 0 || ctnetlink_dump_helpinfo(skb, ct) < 0 ||
@ -675,10 +677,7 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
goto nla_put_failure; goto nla_put_failure;
if (events & (1 << IPCT_DESTROY)) { if (events & (1 << IPCT_DESTROY)) {
if (ctnetlink_dump_counters(skb, ct, if (ctnetlink_dump_acct(skb, ct, type) < 0 ||
IP_CT_DIR_ORIGINAL, type) < 0 ||
ctnetlink_dump_counters(skb, ct,
IP_CT_DIR_REPLY, type) < 0 ||
ctnetlink_dump_timestamp(skb, ct) < 0) ctnetlink_dump_timestamp(skb, ct) < 0)
goto nla_put_failure; goto nla_put_failure;
} else { } else {