From ff1cd5fc0300b21924e97c045b36ecdfd8759c7e Mon Sep 17 00:00:00 2001
From: Marek Majkowski <marek@cloudflare.com>
Date: Thu, 19 Feb 2015 02:46:32 +0000
Subject: [PATCH] nflog: make sure the messages aren't buffered for default 1
 second

Also: improve documentation.
---
 README.md   | 13 ++++++++++---
 src/nflog.c |  6 ++++++
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index ac41d87..cb4d779 100644
--- a/README.md
+++ b/README.md
@@ -79,8 +79,15 @@ This will cause `pmtud` to listen to packets from NFLOG and use `eth0`
 to brodcast them if neccesary. Debug by listing this /proc file:
 
     cat /proc/net/netfilter/nfnetlink_log
+    33  32781     0 2 65535      0  1
 
-Where the format of this file is similar to `nfnetling_queue`
-described here:
+Where columns read:
+
+ * nflog group number of a given queue (16 bits)
+ * peer portid: most likely the pid of process
+ * number of messages buffered on the kernel side
+ * copy mode: 2 for full packet copy
+ * copy range: max packet size
+ * flush timeout in 1/100th of a second
+ * use count
 
-  * https://home.regit.org/netfilter-en/using-nfqueue-and-libnetfilter_queue/
diff --git a/src/nflog.c b/src/nflog.c
index cf974d3..70a7135 100644
--- a/src/nflog.c
+++ b/src/nflog.c
@@ -121,6 +121,12 @@ struct nflog *nflog_alloc(uint16_t group_no, unsigned queue_maxlen,
 		PFATAL("nflog_set_mode");
 	}
 
+	/* Disable netlink timeout, to reduce latency. The units of
+	 * value are 1/100th of second. */
+	if (nflog_set_timeout(n->qh, 0) < 0) {
+		PFATAL("nflog_set_timeout");
+	}
+
 	int fd = nflog_fd(n->h);
 
 	int opt = 1;