lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Sat, 27 Feb 2010 14:40:14 +0800
From:	Shan Wei <shanwei@...fujitsu.com>
To:	Patrick McHardy <kaber@...sh.net>,
	David Miller <davem@...emloft.net>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Yasuyuki KOZAKAI <yasuyuki.kozakai@...hiba.co.jp>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	netfilter-devel@...r.kernel.org
Subject: [RFC PATCH net-next 7/7 v2]IPv6:netfilter: Add IPSTATS_MIB_REASMFAILS
 MIB counter value when evicting fragment queue

This patch adds MIB counter value about IPSTATS_MIB_REASMFAILS
if mem member of netns_frags exceeds high thresh, just like IPv4/v6 stack.


Signed-off-by: Shan Wei <shanwei@...fujitsu.com>
---
 net/ipv6/netfilter/nf_conntrack_reasm.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index fc97a68..501aca7 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -200,9 +200,13 @@ static __inline__ void fq_kill(struct nf_ct_frag6_queue *fq)
 	inet_frag_kill(&fq->q, &nf_frags);
 }
 
-static void nf_ct_frag6_evictor(struct net *net)
+static void nf_ct_frag6_evictor(struct net *net, struct inet6_dev *idev)
 {
-	inet_frag_evictor(&net->ipv6.frags, &nf_frags);
+	int evicted;
+
+	evicted = inet_frag_evictor(&net->ipv6.frags, &nf_frags);
+	if (evicted)
+		IP6_ADD_STATS_BH(net, idev, IPSTATS_MIB_REASMFAILS, evicted);
 }
 
 static void nf_ct_frag6_expire(unsigned long data)
@@ -712,7 +716,7 @@ struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user)
 	fhdr = (struct frag_hdr *)skb_transport_header(clone);
 
 	if (atomic_read(&net->ipv6.frags.mem) > net->ipv6.frags.high_thresh)
-		nf_ct_frag6_evictor(net);
+		nf_ct_frag6_evictor(net, idev);
 
 	fq = fq_find(net, fhdr->identification, user, &hdr->saddr, &hdr->daddr);
 	if (fq == NULL) {
-- 
1.6.3.3
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists