On Sat, May 02, 2015 at 07:27:53PM +0200, Jozsef Kadlecsik wrote: > Three types of data need to be protected in the case of the hash types: > > a. The hash buckets: standard rcu pointer operations are used. > b. The allocated elements in the hash buckets: a bitmap is used > for book-keeping to tell which elements in the hash bucket are > used or free. > c. Networks per cidr values and the cidr values themselves: the fix > sized arrays need no protection. The values are modified in such > an order that in the worst case an element testing is repeated > again with the same cidr value. Did you consider using the rhashtable implementation under lib/rhashtable.c? Do you think there is any chance to accommodate that into ipset? If possible, it would avoid from dealing with this complexity. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
