List: netfilter-devel
Subject: conntrack session information
From: Amin Azez <azez () ufomechanic ! net>
Date: 2005-04-20 12:11:14
Message-ID: 426646E2.5040504 () ufomechanic ! net
Wang Jian wrote:
> There is problem to create whole sessions record from events. event
> messages should carry necessary information for correlation
I'm proposing that we base this session id on a 64 bit counter.
I will also want to adjust conntrack to record the system time at which
the conntrack was created anyway.
If we also associate with this a serial number, the chances "in normal
use" that the counter will wrap around with the same system time are
minuscule.
For most purposes the connection serial number is unique, but the
associated timestamp makes it historically unique.
Final question, I suppose that ip_conntrack.master references will cause
the master conntrack (of related conntracks) to hang around until the
related conntracks have been deleted? Thus, the netlink stuff can report
the id of the master conntrack when it reports other conntrack info.
Does this sound reasonable to folk? Is this too much overhead per
conntrack? What bottlenecks are there?
Maybe it would require a cross-cpu counter with serialized access. Is
there a standard kernel form for this, or do we use spinlocked structs
or something? Or is a per-cpu counter preferred, combined with a CPU-id?
Amin
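The two allocation schemes Amin raises (one serialized global counter versus per-CPU counters tagged with a CPU id), together with the serial-plus-creation-timestamp pair that stays unique across a counter wrap, as an added user-space model. This is example code written for this page, not code from the thread or from the netfilter project; NR_CPUS, CPU_ID_BITS and every function name here are hypothetical, and the timestamp uses clock_gettime() in place of whatever kernel time source conntrack would record.

```c
/* Added example, not from the netfilter-devel thread: a user-space model of the
 * session-id schemes discussed above. All names and constants are hypothetical. */
#define _POSIX_C_SOURCE 199309L
#include <stdint.h>
#include <stdio.h>
#include <time.h>

#define NR_CPUS     4    /* assumed CPU count for the model */
#define CPU_ID_BITS 8    /* top bits of the serial reserved for the CPU id */
#define LOCAL_BITS  (64 - CPU_ID_BITS)

/* A session identifier: the serial alone is unique until the counter wraps;
 * the creation timestamp keeps the pair historically unique after a wrap. */
struct session_id {
    uint64_t serial;
    uint64_t created_ns;   /* system time when the conntrack was created */
};

static uint64_t now_ns(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_REALTIME, &ts);
    return (uint64_t)ts.tv_sec * 1000000000ULL + (uint64_t)ts.tv_nsec;
}

/* Scheme 1: a single global 64-bit counter with serialized (atomic) access.
 * Every allocation on every CPU contends for the same cache line. */
static uint64_t global_serial;

struct session_id alloc_global(void)
{
    struct session_id id;
    id.serial = __atomic_fetch_add(&global_serial, 1, __ATOMIC_SEQ_CST);
    id.created_ns = now_ns();
    return id;
}

/* Scheme 2: per-CPU counters. Placing the CPU id in the top bits makes the
 * serial ranges of different CPUs disjoint, so no cross-CPU locking is needed. */
uint64_t percpu_serial_encode(unsigned cpu, uint64_t local)
{
    return ((uint64_t)cpu << LOCAL_BITS) | (local & ((1ULL << LOCAL_BITS) - 1));
}

unsigned cpu_of(struct session_id id)
{
    return (unsigned)(id.serial >> LOCAL_BITS);
}

static uint64_t percpu_serial[NR_CPUS];

struct session_id alloc_percpu(unsigned cpu)
{
    struct session_id id;
    uint64_t local = percpu_serial[cpu]++;   /* only this CPU touches its slot */
    id.serial = percpu_serial_encode(cpu, local);
    id.created_ns = now_ns();
    return id;
}

/* Two ids denote the same session only if serial and timestamp both match,
 * which is what keeps a wrapped serial from aliasing an old session. */
int session_id_equal(struct session_id a, struct session_id b)
{
    return a.serial == b.serial && a.created_ns == b.created_ns;
}

/* Allocate n ids round-robin over the model CPUs and check all serials differ. */
int percpu_serials_distinct(unsigned n)
{
    enum { MAX = 4096 };
    uint64_t seen[MAX];
    if (n > MAX)
        return 0;
    for (unsigned i = 0; i < n; i++)
        seen[i] = alloc_percpu(i % NR_CPUS).serial;
    for (unsigned i = 0; i < n; i++)
        for (unsigned j = i + 1; j < n; j++)
            if (seen[i] == seen[j])
                return 0;
    return 1;
}

int main(void)
{
    struct session_id g = alloc_global();
    struct session_id p = alloc_percpu(2);
    printf("global serial %llu at %llu ns\n",
           (unsigned long long)g.serial, (unsigned long long)g.created_ns);
    printf("per-cpu serial %llx from cpu %u, distinct over 512 allocs: %d\n",
           (unsigned long long)p.serial, cpu_of(p), percpu_serials_distinct(512));
    return 0;
}
```

The per-CPU scheme trades CPU_ID_BITS of serial space for contention-free allocation; the price is that the local counters wrap sooner, which is exactly why the creation timestamp is carried alongside the serial rather than relied on as a tiebreaker only in theory.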