Changli Gao wrote: > Use hash to speed up finding entries in nfqueue. > > If user implements QoS in userland, packet verdict won't be received in order. At this moment, a hash table is faster than a double linked list when finding the corresponding entries in nfqueue. > > This patch also fixes a potential bug, which will allows more than one entries with the same id are in the same nfqueue in the extreme. Instead of a double ID in a purely hypothetical case, we'd now get an endless loop. This part doesn't make much sense to me, please remove it from the patch. > diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c > index 7a9dec9..38c7af1 100644 > --- a/net/netfilter/nfnetlink_queue.c > +++ b/net/netfilter/nfnetlink_queue.c > @@ -37,6 +37,9 @@ > #endif > > #define NFQNL_QMAX_DEFAULT 1024 > +#define NFQNL_QHT_BITS 8 > +#define NFQNL_QHT_SIZE (1 << NFQNL_QHT_BITS) > +#define NFQNL_QHT_MASK (NFQNL_QHT_SIZE - 1) Have you considered making the size configurable by passing a new attribute in the NFQNL_CFG_CMD_BIND cmd message? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
