netfilter: nf_conntrack: split up IPCT_STATUS event - linux-dev - Linux kernel development work

diff options

author	Patrick McHardy <kaber@trash.net>	2010-02-03 13:48:53 +0100
committer	Patrick McHardy <kaber@trash.net>	2010-02-03 13:48:53 +0100
commit	858b31330054a9ad259feceea0ad1ce5385c47f0 (patch)
tree	642349680ff9c29d506dd7661bbc8b724209fbf5 /net/unix/af_unix.c
parent	netfilter: add struct net * to target parameters (diff)
download	linux-dev-858b31330054a9ad259feceea0ad1ce5385c47f0.tar.xz linux-dev-858b31330054a9ad259feceea0ad1ce5385c47f0.zip

netfilter: nf_conntrack: split up IPCT_STATUS event

Split up the IPCT_STATUS event into an IPCT_REPLY event, which is generated when the IPS_SEEN_REPLY bit is set, and an IPCT_ASSURED event, which is generated when the IPS_ASSURED bit is set. In combination with a following patch to support selective event delivery, this can be used for "sparse" conntrack replication: start replicating the conntrack entry after it reached the ASSURED state and that way it's SYN-flood resistant. Signed-off-by: Patrick McHardy <kaber@trash.net>

Diffstat (limited to 'net/unix/af_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: