On Fri, Jun 14, 2024 at 05:16:41PM +0200, Phil Sutter wrote: > Support tracking of up to 65535 packets per table entry instead of just > 255 to better facilitate longer term tracking or higher throughput > scenarios. Could you develop a bit more the use case to expand this? Do you have an example rule for me? > Requested-by: Fabio <pedretti.fabio@xxxxxxxxx> > Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1745 Hm, original bug report only refer to documentation update? Is there a way to know what kernel support what value? I guess not, only probing. Thanks. > Signed-off-by: Phil Sutter <phil@xxxxxx> > --- > net/netfilter/xt_recent.c | 10 +++++----- > 1 file changed, 5 insertions(+), 5 deletions(-) > > diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c > index 60259280b2d5..588a5e6ad899 100644 > --- a/net/netfilter/xt_recent.c > +++ b/net/netfilter/xt_recent.c > @@ -59,9 +59,9 @@ MODULE_PARM_DESC(ip_list_gid, "default owning group of /proc/net/xt_recent/* fil > /* retained for backwards compatibility */ > static unsigned int ip_pkt_list_tot __read_mostly; > module_param(ip_pkt_list_tot, uint, 0400); > -MODULE_PARM_DESC(ip_pkt_list_tot, "number of packets per IP address to remember (max. 255)"); > +MODULE_PARM_DESC(ip_pkt_list_tot, "number of packets per IP address to remember (max. 65535)"); > > -#define XT_RECENT_MAX_NSTAMPS 256 > +#define XT_RECENT_MAX_NSTAMPS 65536 > > struct recent_entry { > struct list_head list; > @@ -69,8 +69,8 @@ struct recent_entry { > union nf_inet_addr addr; > u_int16_t family; > u_int8_t ttl; > - u_int8_t index; > - u_int8_t nstamps; > + u_int16_t index; > + u_int16_t nstamps; > unsigned long stamps[]; > }; > > @@ -80,7 +80,7 @@ struct recent_table { > union nf_inet_addr mask; > unsigned int refcnt; > unsigned int entries; > - u8 nstamps_max_mask; > + u_int16_t nstamps_max_mask; > struct list_head lru_list; > struct list_head iphash[]; > }; > -- > 2.43.0 > >
