On Sun, 25 Apr 2010, FC wrote:
> - Updated Debian SID x86 32 bit
> - kernel 2.6.33.2-rt13
> - iptables v1.4.6
>
> I've experimented some problems while displaying processed packets by
> iptables ( iptables -L -n -v ). The output displays a large number of
> processed packets with a very low network activity in my LAN ( max 1 hundred
> of packets delivered )
>
> A sample output obtained after loading iptables rules and quite immediately
> running iptables -L -n -v
Can you please test the patch below on top of -rt ?
Thanks,
tglx
---------->
Subject: net-fix-iptables-fallout.patch
From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Date: Tue, 27 Apr 2010 10:05:28 +0200
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
---
net/ipv4/netfilter/ip_tables.c | 9 +++++----
net/ipv6/netfilter/ip6_tables.c | 10 +++++-----
2 files changed, 10 insertions(+), 9 deletions(-)
Index: linux-2.6-tip/net/ipv4/netfilter/ip_tables.c
===================================================================
--- linux-2.6-tip.orig/net/ipv4/netfilter/ip_tables.c
+++ linux-2.6-tip/net/ipv4/netfilter/ip_tables.c
@@ -907,7 +907,7 @@ get_counters(const struct xt_table_info
{
unsigned int cpu;
unsigned int i;
- unsigned int curcpu = NR_CPUS;
+ unsigned int curcpu;
/* Instead of clearing (by a previous call to memset())
* the counters and using adds, we set the counters
@@ -917,16 +917,17 @@ get_counters(const struct xt_table_info
* if new softirq were to run and call ipt_do_table
*/
local_bh_disable();
-#ifndef CONFIG_PREEMPT_RT
- curcpu = smp_processor_id();
+ curcpu = raw_smp_processor_id();
i = 0;
+ xt_info_wrlock(curcpu);
IPT_ENTRY_ITERATE(t->entries[curcpu],
t->size,
set_entry_to_counter,
counters,
&i);
-#endif
+ xt_info_wrunlock(curcpu);
+
for_each_possible_cpu(cpu) {
if (cpu == curcpu)
continue;
Index: linux-2.6-tip/net/ipv6/netfilter/ip6_tables.c
===================================================================
--- linux-2.6-tip.orig/net/ipv6/netfilter/ip6_tables.c
+++ linux-2.6-tip/net/ipv6/netfilter/ip6_tables.c
@@ -939,7 +939,7 @@ get_counters(const struct xt_table_info
{
unsigned int cpu;
unsigned int i;
- unsigned int curcpu = NR_CPUS;
+ unsigned int curcpu;
/* Instead of clearing (by a previous call to memset())
* the counters and using adds, we set the counters
@@ -949,17 +949,17 @@ get_counters(const struct xt_table_info
* if new softirq were to run and call ipt_do_table
*/
local_bh_disable();
-
-#ifndef CONFIG_PREEMPT_RT
- curcpu = smp_processor_id();
+ curcpu = raw_smp_processor_id();
i = 0;
+ xt_info_wrlock(curcpu);
IP6T_ENTRY_ITERATE(t->entries[curcpu],
t->size,
set_entry_to_counter,
counters,
&i);
-#endif
+ xt_info_wrunlock(curcpu);
+
for_each_possible_cpu(cpu) {
if (cpu == curcpu)
continue;
--
To unsubscribe from this list: send the line "unsubscribe linux-rt-users" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
