On Sun, Jul 20, 2008 at 11:35:19AM -0400, jamal wrote:
>
> All actions (on a per-type hash table basis) have an index.
> You create filter rule X and specify action nat.
> You may specify the index of the action when you create the filter X.
> If you then create another filter rule Y, also using the same action
> index, then that nat action is shared between rule X and rule Y[1].

This is exactly what I want to get rid of because otherwise even
if no index was specified we'll still do a hash insertion which
simply falls apart with a small hash table.  Using a large hash
table on the other hand is bad for people who only have a few rules.

> [1]This is useful for two reasons:
> a) memory saving purposes: If you don't care that much about performance
> or on a uniprocessor machine, one action would just be sufficient for
> many rules.
> b) accounting purposes; as you know qdiscs/filters/actions are
> per-device. Over the years, a need has arisen from some users to have a
> "per system" accounting (refer to the IMQ/IFB approach). Eg, if I wanted
> the policer action to account for ingress eth0 and egress eth1 for a
> user, I couldn't do it without some acrobatics.

We could do a dynamic table but so far I'm not convinced that
it's worth anybody's effort to implement :)

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu 许志壬 <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
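The following is an added illustration, not code from the kernel or from either poster: a simplified user-space model of the per-type action table discussed above, showing index sharing between rules and the chain growth that results when every action, indexed or not, is inserted into a small fixed table. The names `bind_action`, `lookup`, `longest_chain` and the bucket count `TAB_SIZE` of 16 are assumptions made for the example.

```c
#include <stdlib.h>

#define TAB_SIZE 16            /* assumption: small, fixed bucket count */

struct action {                /* simplified model of one action instance */
    unsigned int index;        /* key within this action type's table */
    int refcnt;                /* number of filter rules bound to it */
    struct action *next;       /* bucket chain */
};

static struct action *table[TAB_SIZE];
static unsigned int next_auto = 1;

static struct action *lookup(unsigned int index)
{
    struct action *a = table[index % TAB_SIZE];
    while (a && a->index != index)
        a = a->next;
    return a;
}

/* index 0 means no index was given: pick a free one, then insert anyway. */
struct action *bind_action(unsigned int index)
{
    struct action *a = index ? lookup(index) : NULL;
    if (a) { a->refcnt++; return a; }      /* same index: rules share it */
    while (!index) {
        if (!lookup(next_auto)) index = next_auto;
        next_auto++;
    }
    if (!(a = calloc(1, sizeof(*a)))) return NULL;
    a->index = index;
    a->refcnt = 1;
    a->next = table[index % TAB_SIZE];     /* hash insertion on every create */
    table[index % TAB_SIZE] = a;
    return a;
}

/* Longest bucket chain: worst-case entries walked by one lookup. */
int longest_chain(void)
{
    int max = 0;
    for (int i = 0; i < TAB_SIZE; i++) {
        int n = 0;
        for (struct action *a = table[i]; a; a = a->next) n++;
        if (n > max) max = n;
    }
    return max;
}
```

Binding two rules to index 5 returns the same action with a reference count of 2, while each rule created without an index adds one more entry, so the longest chain grows linearly with the number of rules.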