diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-02-17 20:47:21 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-02-17 20:47:21 +0100 |
commit | bc56a6becbd4c4edf743ca3bee32eb0329fc5e5a (patch) | |
tree | f75ad5bdf1b1a20031f359b3765719df99a62ad8 /src | |
parent | 3bd2cefc0fb9685fde9d402fdbe3f4f3ec3ddd7d (diff) | |
download | libnetfilter_queue-bc56a6becbd4c4edf743ca3bee32eb0329fc5e5a.tar.gz |
nfq: replace nfnl_talk by nfnl_query and disable sequence tracking
This patch replaces the nfnl_talk() calls by the newer nfnl_query().
This patch also disables netlink sequence tracking by default.
Spurious race conditions in the sequence tracking may occur while
creating queues and receiving high load of packets at the same time.
Reported-by: Anton Vazir <anton.vazir@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/libnetfilter_queue.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 9e4903b..a2d0de2 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -141,7 +141,7 @@ __build_send_cfg_msg(struct nfq_handle *h, u_int8_t command, cmd.pf = htons(pf); nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_CMD, &cmd, sizeof(cmd)); - return nfnl_talk(h->nfnlh, &u.nmh, 0, 0, NULL, NULL, NULL); + return nfnl_query(h->nfnlh, &u.nmh); } static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[], @@ -295,6 +295,9 @@ struct nfq_handle *nfq_open(void) if (!nfnlh) return NULL; + /* unset netlink sequence tracking by default */ + nfnl_unset_sequence_tracking(nfnlh); + qh = nfq_open_nfnl(nfnlh); if (!qh) nfnl_close(nfnlh); @@ -553,7 +556,7 @@ int nfq_set_mode(struct nfq_q_handle *qh, nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_PARAMS, ¶ms, sizeof(params)); - return nfnl_talk(qh->h->nfnlh, &u.nmh, 0, 0, NULL, NULL, NULL); + return nfnl_query(qh->h->nfnlh, &u.nmh); } /** @@ -581,7 +584,7 @@ int nfq_set_queue_maxlen(struct nfq_q_handle *qh, nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_QUEUE_MAXLEN, &queue_maxlen, sizeof(queue_maxlen)); - return nfnl_talk(qh->h->nfnlh, &u.nmh, 0, 0, NULL, NULL, NULL); + return nfnl_query(qh->h->nfnlh, &u.nmh); } /** |