netfilter: nfnetlink_queue: batch verdict support
Introduces a new nfnetlink type that applies a given verdict to all queued packets with an id <= the id in the verdict message. If a mark is provided it is applied to all matched packets. This reduces the number of verdicts that have to be sent. Applications that make use of this feature need to maintain a timeout to send a batchverdict periodically to avoid starvation. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Florian Westphal
committed by
Patrick McHardy
Patrick McHardy
parent
5863702a34
commit
97d32cf944
@@ -8,6 +8,7 @@ enum nfqnl_msg_types {
|
||||
NFQNL_MSG_PACKET, /* packet from kernel to userspace */
|
||||
NFQNL_MSG_VERDICT, /* verdict from userspace to kernel */
|
||||
NFQNL_MSG_CONFIG, /* connect to a particular queue */
|
||||
NFQNL_MSG_VERDICT_BATCH, /* batchv from userspace to kernel */
|
||||
|
||||
NFQNL_MSG_MAX
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user