Re: [NETFILTER] xt_hashlimit : speedups hash_dst()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sami Farin wrote:
On Sat, Dec 15, 2007 at 21:42:19 -0800, David Miller wrote:
From: Eric Dumazet <dada1@xxxxxxxxxxxxx>
Date: Sat, 15 Dec 2007 12:04:47 +0100

I prefer to let admins chose their size, since it makes attacker life more difficult :)

For example, I can tell you I have a server, were size is between 2.000.000 and 3.500.000, I dont want to be forced to use 2097152

A multiply is cheap, at least on current hardware.
I agree, and I see nothing wrong with Eric's patch and it
should be merged ASAP.

You could do the same optimization for net/netfilter/nf_conntrack_core.c:__hash_conntrack() , too.


Yes, I already took care of that for conntrack and other netfilter
non-power-of-two hashes.

-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux