On Tue, 18 Sep 2012, Jozsef Kadlecsik wrote:
I propose a small cache for inter-match communication purpose:
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 8d674a7..f07eab2 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -216,6 +216,9 @@ struct xt_action_param {
const void *matchinfo, *targinfo;
};
const struct net_device *in, *out;
+#ifdef CONFIG_NETFILTER_XTABLES_CACHE
+ u_int32_t cache;
+#endif
Perhaps we should add it, that the end of the struct, to avoid too big ABI
breakage. And I generally don't like, adding compile time optional
elements in the middle of a struct, as it make its harder to cache profile
and padding/aligning the struct.
int fragoff;
unsigned int thoff;
unsigned int hooknum;
@@ -223,6 +226,15 @@ struct xt_action_param {
bool hotdrop;
};
+enum xt_cache_owner {
+ XT_CACHE_OWNER_NONE = 0,
+ XT_CACHE_OWNER_IPSET = 1,
+};
+
+#define XT_CACHE_GET_OWNER(cache) (((cache) & 0xFF000000) >> 24)
+#define XT_CACHE_SET_OWNER(cache, owner) ((cache) |= (owner) << 24)
+#define XT_CACHE_GET_VALUE(cache) ((cache) & 0x00FFFFFF)
+
So, you are reserving 24 bit for data/"values". And we have 8 bits for
setting an owner of this data. Thats the basic idea right?
Cheers,
Jesper Brouer
--
-------------------------------------------------------------------
MSc. Master of Computer Science
Dept. of Computer Science, University of Copenhagen
Author of http://www.adsl-optimizer.dk
-------------------------------------------------------------------
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
