UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity

netfilter: xt_connlimit: use hlist instead 

The header of hlist is smaller than list.

Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Changli Gao 2011-03-15 13:25:42 +01:00 committed by Patrick McHardy
parent 0e23ca14f8
commit 3e0d5149e6
1 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
net/netfilter/xt_connlimit.c
View File

@ -33,14 +33,14 @@
/* we will save the tuples of all connections we care about */ /* we will save the tuples of all connections we care about */
struct xt_connlimit_conn { struct xt_connlimit_conn {
struct list_head list; struct hlist_node node;
struct nf_conntrack_tuple tuple; struct nf_conntrack_tuple tuple;
union nf_inet_addr addr; union nf_inet_addr addr;
}; };
struct xt_connlimit_data { struct xt_connlimit_data {
struct list_head iphash[256]; struct hlist_head iphash[256];
spinlock_t lock; spinlock_t lock;
}; };
static u_int32_t connlimit_rnd __read_mostly; static u_int32_t connlimit_rnd __read_mostly;
@ -102,9 +102,9 @@ static int count_them(struct net *net,
{ {
const struct nf_conntrack_tuple_hash *found; const struct nf_conntrack_tuple_hash *found;
struct xt_connlimit_conn *conn; struct xt_connlimit_conn *conn;
struct xt_connlimit_conn *tmp; struct hlist_node *pos, *n;
struct nf_conn *found_ct; struct nf_conn *found_ct;
struct list_head *hash; struct hlist_head *hash;
bool addit = true; bool addit = true;
int matches = 0; int matches = 0;
@ -116,7 +116,7 @@ static int count_them(struct net *net,
rcu_read_lock(); rcu_read_lock();
/* check the saved connections */ /* check the saved connections */
list_for_each_entry_safe(conn, tmp, hash, list) { hlist_for_each_entry_safe(conn, pos, n, hash, node) {
found = nf_conntrack_find_get(net, NF_CT_DEFAULT_ZONE, found = nf_conntrack_find_get(net, NF_CT_DEFAULT_ZONE,
&conn->tuple); &conn->tuple);
found_ct = NULL; found_ct = NULL;
@ -136,7 +136,7 @@ static int count_them(struct net *net,
if (found == NULL) { if (found == NULL) {
/* this one is gone */ /* this one is gone */
list_del(&conn->list); hlist_del(&conn->node);
kfree(conn); kfree(conn);
continue; continue;
} }
@ -147,7 +147,7 @@ static int count_them(struct net *net,
* closed already -> ditch it * closed already -> ditch it
*/ */
nf_ct_put(found_ct); nf_ct_put(found_ct);
list_del(&conn->list); hlist_del(&conn->node);
kfree(conn); kfree(conn);
continue; continue;
} }
@ -167,7 +167,7 @@ static int count_them(struct net *net,
return -ENOMEM; return -ENOMEM;
conn->tuple = *tuple; conn->tuple = *tuple;
conn->addr = *addr; conn->addr = *addr;
list_add(&conn->list, hash); hlist_add_head(&conn->node, hash);
++matches; ++matches;
} }
@ -246,7 +246,7 @@ static int connlimit_mt_check(const struct xt_mtchk_param *par)
spin_lock_init(&info->data->lock); spin_lock_init(&info->data->lock);
for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i)
INIT_LIST_HEAD(&info->data->iphash[i]); INIT_HLIST_HEAD(&info->data->iphash[i]);
return 0; return 0;
} }
@ -255,15 +255,15 @@ static void connlimit_mt_destroy(const struct xt_mtdtor_param *par)
{ {
const struct xt_connlimit_info *info = par->matchinfo; const struct xt_connlimit_info *info = par->matchinfo;
struct xt_connlimit_conn *conn; struct xt_connlimit_conn *conn;
struct xt_connlimit_conn *tmp; struct hlist_node *pos, *n;
struct list_head *hash = info->data->iphash; struct hlist_head *hash = info->data->iphash;
unsigned int i; unsigned int i;
nf_ct_l3proto_module_put(par->family); nf_ct_l3proto_module_put(par->family);
for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) { for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) {
list_for_each_entry_safe(conn, tmp, &hash[i], list) { hlist_for_each_entry_safe(conn, pos, n, &hash[i], node) {
list_del(&conn->list); hlist_del(&conn->node);
kfree(conn); kfree(conn);
} }
} }