]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/commitdiff
netfilter: ctnetlink: account both directions in one step
authorHolger Eitzenberger <holger@eitzenberger.org>
Thu, 26 Sep 2013 15:31:52 +0000 (17:31 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sun, 3 Nov 2013 20:49:32 +0000 (21:49 +0100)
With the intent to dump other accounting data later.
This patch is a cleanup.

Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_netlink.c

index ddc3777d8340e0ef8d2f8312a90085580dac4998..08870b859046fb17f40125b7e1f8faeb42d93061 100644 (file)
@@ -211,13 +211,23 @@ nla_put_failure:
 }
 
 static int
-dump_counters(struct sk_buff *skb, u64 pkts, u64 bytes,
-             enum ip_conntrack_dir dir)
+dump_counters(struct sk_buff *skb, struct nf_conn_acct *acct,
+             enum ip_conntrack_dir dir, int type)
 {
-       enum ctattr_type type = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG;
+       enum ctattr_type attr = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG;
+       struct nf_conn_counter *counter = acct->counter;
        struct nlattr *nest_count;
+       u64 pkts, bytes;
 
-       nest_count = nla_nest_start(skb, type | NLA_F_NESTED);
+       if (type == IPCTNL_MSG_CT_GET_CTRZERO) {
+               pkts = atomic64_xchg(&counter[dir].packets, 0);
+               bytes = atomic64_xchg(&counter[dir].bytes, 0);
+       } else {
+               pkts = atomic64_read(&counter[dir].packets);
+               bytes = atomic64_read(&counter[dir].bytes);
+       }
+
+       nest_count = nla_nest_start(skb, attr | NLA_F_NESTED);
        if (!nest_count)
                goto nla_put_failure;
 
@@ -234,26 +244,19 @@ nla_put_failure:
 }
 
 static int
-ctnetlink_dump_counters(struct sk_buff *skb, const struct nf_conn *ct,
-                       enum ip_conntrack_dir dir, int type)
+ctnetlink_dump_acct(struct sk_buff *skb, const struct nf_conn *ct, int type)
 {
-       struct nf_conn_acct *acct;
-       struct nf_conn_counter *counter;
-       u64 pkts, bytes;
+       struct nf_conn_acct *acct = nf_conn_acct_find(ct);
 
-       acct = nf_conn_acct_find(ct);
        if (!acct)
                return 0;
 
-       counter = acct->counter;
-       if (type == IPCTNL_MSG_CT_GET_CTRZERO) {
-               pkts = atomic64_xchg(&counter[dir].packets, 0);
-               bytes = atomic64_xchg(&counter[dir].bytes, 0);
-       } else {
-               pkts = atomic64_read(&counter[dir].packets);
-               bytes = atomic64_read(&counter[dir].bytes);
-       }
-       return dump_counters(skb, pkts, bytes, dir);
+       if (dump_counters(skb, acct, IP_CT_DIR_ORIGINAL, type) < 0)
+               return -1;
+       if (dump_counters(skb, acct, IP_CT_DIR_REPLY, type) < 0)
+               return -1;
+
+       return 0;
 }
 
 static int
@@ -490,8 +493,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
 
        if (ctnetlink_dump_status(skb, ct) < 0 ||
            ctnetlink_dump_timeout(skb, ct) < 0 ||
-           ctnetlink_dump_counters(skb, ct, IP_CT_DIR_ORIGINAL, type) < 0 ||
-           ctnetlink_dump_counters(skb, ct, IP_CT_DIR_REPLY, type) < 0 ||
+           ctnetlink_dump_acct(skb, ct, type) < 0 ||
            ctnetlink_dump_timestamp(skb, ct) < 0 ||
            ctnetlink_dump_protoinfo(skb, ct) < 0 ||
            ctnetlink_dump_helpinfo(skb, ct) < 0 ||
@@ -675,10 +677,7 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
                goto nla_put_failure;
 
        if (events & (1 << IPCT_DESTROY)) {
-               if (ctnetlink_dump_counters(skb, ct,
-                                           IP_CT_DIR_ORIGINAL, type) < 0 ||
-                   ctnetlink_dump_counters(skb, ct,
-                                           IP_CT_DIR_REPLY, type) < 0 ||
+               if (ctnetlink_dump_acct(skb, ct, type) < 0 ||
                    ctnetlink_dump_timestamp(skb, ct) < 0)
                        goto nla_put_failure;
        } else {