Re: [RFC PATCH] netfilter: add connlabel conntrack extension

Hi Florian,

On Thu, Oct 18, 2012 at 10:38:09PM +0200, Florian Westphal wrote:
[...]
> The problem I have with this is that 32 unique bits is a bit (pun intended)
> low.  If it's used as an enumeration it's plentiful, but I specifically want
> to be able to attach 'lots of' different labels to a conntrack entry.

Ah, I see. You want overlapping labels, I like that idea :-)

What if we provide overlapping and non-overlapping label types,
something like:

struct nf_conn_label {
        uint64_t overlapping:56,
                 enumerated:8;
};

That provides 56 overlapping labels and 256 non-overlapping labels.
There would be two configuration files to be used depending on what you
want. I'm not sure what number of labels would be fine.

Probably, these alternative semantics could be useful:

struct nf_conn_label {
        uint64_t mask:56,
                 type:8;
};

For each type (we would have 2^8), we have 56 overlapping labels.

Thus, we make sure this extension only requires 64-bits (plus the
extension structure, of course).

My only concern with dynamically allocated purely bit-based labels is
that users may bloat the size of each conntrack entry.

Let me know.

Regards.
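The second layout above (a 56-bit overlapping label mask plus an 8-bit type, per type), worked through as an added example. This is not code from the original post or from netfilter; the helper names (label_set, label_clear, label_test, label_count, label_match) and the choice to reject label numbers outside the 56-bit field rather than shift them away are assumptions made for the example. The static assertion checks the one property the message cares about: the extension stays a single 64-bit word.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not netfilter code: the 64-bit label layout proposed in
 * the message, a 56-bit overlapping label mask plus an 8-bit type, with
 * the set/test/match helpers a consumer of such an extension would need.
 */
#define NF_CONN_LABEL_MASK_BITS 56
#define NF_CONN_LABEL_TYPE_BITS 8
#define NF_CONN_LABEL_MASK_ALL  (((uint64_t)1 << NF_CONN_LABEL_MASK_BITS) - 1)

struct nf_conn_label {
	uint64_t mask:NF_CONN_LABEL_MASK_BITS,
		 type:NF_CONN_LABEL_TYPE_BITS;
};

/* The point of the layout: the extension itself must stay one 64-bit word. */
_Static_assert(sizeof(struct nf_conn_label) == sizeof(uint64_t),
	       "nf_conn_label must fit in 64 bits");

/* Label numbers are 0..55; anything else is rejected instead of being
 * shifted out of the 56-bit field (hypothetical policy for this example). */
static bool label_valid(unsigned int bit)
{
	return bit < NF_CONN_LABEL_MASK_BITS;
}

/* Attach one label; several labels may be set on the same entry. */
static bool label_set(struct nf_conn_label *l, unsigned int bit)
{
	if (!label_valid(bit))
		return false;
	l->mask |= (uint64_t)1 << bit;
	return true;
}

static bool label_clear(struct nf_conn_label *l, unsigned int bit)
{
	if (!label_valid(bit))
		return false;
	l->mask &= ~((uint64_t)1 << bit);
	return true;
}

static bool label_test(const struct nf_conn_label *l, unsigned int bit)
{
	return label_valid(bit) && ((l->mask >> bit) & 1);
}

/* Number of labels currently attached to the entry. */
static unsigned int label_count(const struct nf_conn_label *l)
{
	uint64_t m = l->mask;
	unsigned int n = 0;

	for (; m; m &= m - 1)
		n++;
	return n;
}

/*
 * Rule-style match: every bit of 'want' must be set on the entry and the
 * type must agree, since the 56 mask bits only have meaning within one
 * type. Bits of 'want' above the 56-bit field are ignored.
 */
static bool label_match(const struct nf_conn_label *l, uint8_t type,
			uint64_t want)
{
	want &= NF_CONN_LABEL_MASK_ALL;
	return l->type == type && (l->mask & want) == want;
}

int main(void)
{
	struct nf_conn_label l = { .mask = 0, .type = 3 };

	label_set(&l, 0);
	label_set(&l, 55);
	printf("sizeof=%zu type=%u labels=%u bit56_accepted=%d\n",
	       sizeof(l), (unsigned int)l.type, label_count(&l),
	       label_set(&l, 56));
	return 0;
}
```

Because the mask and type share one word, a match must compare the type first; two entries of different types with the same mask bits are unrelated, which is why label_match takes the type as a separate argument instead of comparing raw 64-bit values.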