netfilter/queue: introduce nfnl_queue_msg_send_verdict_batch()

The batched verdict implicitely ACKs all queue packet IDs up to the one send back, which reduces the number of verdict messages send to the kernel. Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org> Signed-off-by: Thomas Graf <tgraf@suug.ch>
author: Holger Eitzenberger <holger@eitzenberger.org> 2013-06-19 13:23:15 (GMT)
committer: Thomas Graf <tgraf@suug.ch> 2013-06-26 23:16:15 (GMT)
commit: d612180cda43606425c3476e13a6076b6271d27a (patch)
tree: 331f3f5fc14515443a82a50f24ae91df465d41bc
parent: 34a96ba5c2d168701b8b2621164206ddc03d8b4c (diff)
download: libnl-d612180cda43606425c3476e13a6076b6271d27a.zip
libnl-d612180cda43606425c3476e13a6076b6271d27a.tar.gz
libnl-d612180cda43606425c3476e13a6076b6271d27a.tar.bz2
2 files changed, 31 insertions, 0 deletions
diff --git a/include/netlink/netfilter/queue_msg.h b/include/netlink/netfilter/queue_msg.h
index 24ed081..9befee7 100644
--- a/include/netlink/netfilter/queue_msg.h
+++ b/include/netlink/netfilter/queue_msg.h
@@ -93,6 +93,8 @@ extern unsigned int		nfnl_queue_msg_get_verdict(const struct nfnl_queue_msg *);
 extern struct nl_msg *		nfnl_queue_msg_build_verdict(const struct nfnl_queue_msg *);
 extern int			nfnl_queue_msg_send_verdict(struct nl_sock *,
 							    const struct nfnl_queue_msg *);
+extern int			nfnl_queue_msg_send_verdict_batch(struct nl_sock *,
+							    const struct nfnl_queue_msg *);
 extern int			nfnl_queue_msg_send_verdict_payload(struct nl_sock *,
 						const struct nfnl_queue_msg *,
 						const void *, unsigned );
diff --git a/lib/netfilter/queue_msg.c b/lib/netfilter/queue_msg.c
index dc92fce..1425577 100644
--- a/lib/netfilter/queue_msg.c
+++ b/lib/netfilter/queue_msg.c
@@ -199,6 +199,12 @@ nfnl_queue_msg_build_verdict(const struct nfnl_queue_msg *msg)
 	return __nfnl_queue_msg_build_verdict(msg, NFQNL_MSG_VERDICT);
 }
 
+struct nl_msg *
+nfnl_queue_msg_build_verdict_batch(const struct nfnl_queue_msg *msg)
+{
+	return __nfnl_queue_msg_build_verdict(msg, NFQNL_MSG_VERDICT_BATCH);
+}
+
 /**
 * Send a message verdict/mark
 * @arg nlh            netlink messsage header
@@ -223,6 +229,29 @@ int nfnl_queue_msg_send_verdict(struct nl_sock *nlh,
 }
 
 /**
+* Send a message batched verdict/mark
+* @arg nlh            netlink messsage header
+* @arg msg            queue msg
+* @return 0 on OK or error code
+*/
+int nfnl_queue_msg_send_verdict_batch(struct nl_sock *nlh,
+									  const struct nfnl_queue_msg *msg)
+{
+	struct nl_msg *nlmsg;
+	int err;
+
+	nlmsg = nfnl_queue_msg_build_verdict_batch(msg);
+	if (nlmsg == NULL)
+		return -NLE_NOMEM;
+
+	err = nl_send_auto_complete(nlh, nlmsg);
+	nlmsg_free(nlmsg);
+	if (err < 0)
+		return err;
+	return wait_for_ack(nlh);
+}
+
+/**
 * Send a message verdict including the payload
 * @arg nlh            netlink messsage header
 * @arg msg            queue msg
author	Holger Eitzenberger <holger@eitzenberger.org>	2013-06-19 13:23:15 (GMT)
committer	Thomas Graf <tgraf@suug.ch>	2013-06-26 23:16:15 (GMT)
commit	d612180cda43606425c3476e13a6076b6271d27a (patch)
tree	331f3f5fc14515443a82a50f24ae91df465d41bc
parent	34a96ba5c2d168701b8b2621164206ddc03d8b4c (diff)
download	libnl-d612180cda43606425c3476e13a6076b6271d27a.zip libnl-d612180cda43606425c3476e13a6076b6271d27a.tar.gz libnl-d612180cda43606425c3476e13a6076b6271d27a.tar.bz2