Hi Tomasz, On Thu, Nov 01, 2012 at 01:38:29PM +0200, Tomasz Bursztyka wrote: > Hi, > > Here a second version of the previous patchset, now taking care of > chain's name issue. The name is fixed, same size as in iptables. > > About an alternative, it could be possible to store a variable chain > name in a separate allocated memory, kept in hash table: not the > chain object itself, just the name. The key would be the chain's > object pointer. At least, from execution point of view it would not > affect anything since the name is necessary only for the user. The > only issue is the memory occupied by such hash table. We can declare a const char * inside nft_chain and kmalloc the area for the name dynamically. If renamed, we can reallocation it. It's simple, but we increase memory fragmentation. > I was looking quickly at the linux helpers, could not find a > hashtable/map api, is there any? If so, I could try this idea of > names stored like that. There have been some discussion regarding generic hashtable API since long time. http://www.spinics.net/lists/linux-nfs/msg33526.html It seems Linus is going to take it. > Tomasz Bursztyka (4): > nf_tables: Change chain's name to be fixed sized > nf_tables: Add missing policy for NFTA_CHAIN_USE > nf_tables: Add support for changing users chain's name > nf_tables: Add support for replacing a rule by another one. I've taken these three to nf_tables-experiments branch. Thanks a lot. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
