On Wed, May 22, 2013 at 02:10:57PM -0700, Eric Dumazet wrote:
> From: Eric Dumazet <edumazet@xxxxxxxxxx>
>
> The percpu untracked ct are not currently used for XT_CT_NOTRACK.
>
> xt_ct_tg_check()/xt_ct_target() provides a single ct.
>
> Thats not optimal as the ct->ct_general.use cache line will bounce among
> cpus.
>
> Use the intended [1] thing : xt_ct_target() should select the percpu
> object.
>
> [1] Refs :
> commit 5bfddbd46a95c97 ("netfilter: nf_conntrack: IPS_UNTRACKED bit")
> commit b3c5163fe0193a7 ("netfilter: nf_conntrack: per_cpu untracking")
Applied, thanks Eric.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
