On 11.02.2011 17:22, Stefan Berger wrote: > The patch below introduces an early termination of the loop that is > counting matches. It terminates once the counter has exceeded the > threshold provided by the user. There's no point in continuing the loop > afterwards and looking at other entries. > > It plays together with the following code further below: > > return (connections > info->limit) ^ info->inverse; > > where connections is the result of the counted connection, which in turn > is the matches variable in the loop. So once > > -> matches = info->limit + 1 > alias -> matches > info->limit > alias -> matches > threshold > > we can terminate the loop. > Applied, thanks Stefan. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
