Pablo Neira Ayuso wrote:
Patrick McHardy wrote:
Pablo Neira Ayuso wrote:
Patrick McHardy wrote:
Generally, I'd say a better approach is to get rid of the notifier
chain (unnecessary overhead for the single user we have), replace it
by a function pointer for event delivery and use that as an indication
that events should be tracked.
I have a fuzzy morning. I get the idea of replacing the notifier chain
by a function pointer but I don't get the idea of the indication.
Something like:
if (nf_ct_deliver_events == NULL)
don't cache events, try to avoid any other event-related overhead
with nf_ct_deliver_events being the function pointer. Similar to
the sysctl, that allows to enable/disable hopefully most of the
event stuff at runtime.
Thanks, now I see, I was mixing this with the extra atomic operations
that nf_conntrack_event_cache() adds in my patch. I'm going to reply
your other email which refers to the extra atomic-operations issue.
You could of course still add the sysctl on top for the people
doing non-modular builds. It would have to default to "on" though,
so I'm not sure its really worth it.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
