aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter
diff options
context:
space:
mode:
authorChangli Gao <xiaosuo@gmail.com>2011-03-15 08:25:42 -0400
committerPatrick McHardy <kaber@trash.net>2011-03-15 08:25:42 -0400
commit3e0d5149e6dcbe7111a63773a07c5b33f7ca7236 (patch)
treec7f1ff1800144902b9bf413d8d3a28824b766098 /net/netfilter
parent0e23ca14f8e76091b402c01e2b169aba3d187b98 (diff)
netfilter: xt_connlimit: use hlist instead
The header of hlist is smaller than list. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/xt_connlimit.c28
1 files changed, 14 insertions, 14 deletions
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index ade2a806a48e..da56d6ec13c9 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -33,14 +33,14 @@
33 33
34/* we will save the tuples of all connections we care about */ 34/* we will save the tuples of all connections we care about */
35struct xt_connlimit_conn { 35struct xt_connlimit_conn {
36 struct list_head list; 36 struct hlist_node node;
37 struct nf_conntrack_tuple tuple; 37 struct nf_conntrack_tuple tuple;
38 union nf_inet_addr addr; 38 union nf_inet_addr addr;
39}; 39};
40 40
41struct xt_connlimit_data { 41struct xt_connlimit_data {
42 struct list_head iphash[256]; 42 struct hlist_head iphash[256];
43 spinlock_t lock; 43 spinlock_t lock;
44}; 44};
45 45
46static u_int32_t connlimit_rnd __read_mostly; 46static u_int32_t connlimit_rnd __read_mostly;
@@ -102,9 +102,9 @@ static int count_them(struct net *net,
102{ 102{
103 const struct nf_conntrack_tuple_hash *found; 103 const struct nf_conntrack_tuple_hash *found;
104 struct xt_connlimit_conn *conn; 104 struct xt_connlimit_conn *conn;
105 struct xt_connlimit_conn *tmp; 105 struct hlist_node *pos, *n;
106 struct nf_conn *found_ct; 106 struct nf_conn *found_ct;
107 struct list_head *hash; 107 struct hlist_head *hash;
108 bool addit = true; 108 bool addit = true;
109 int matches = 0; 109 int matches = 0;
110 110
@@ -116,7 +116,7 @@ static int count_them(struct net *net,
116 rcu_read_lock(); 116 rcu_read_lock();
117 117
118 /* check the saved connections */ 118 /* check the saved connections */
119 list_for_each_entry_safe(conn, tmp, hash, list) { 119 hlist_for_each_entry_safe(conn, pos, n, hash, node) {
120 found = nf_conntrack_find_get(net, NF_CT_DEFAULT_ZONE, 120 found = nf_conntrack_find_get(net, NF_CT_DEFAULT_ZONE,
121 &conn->tuple); 121 &conn->tuple);
122 found_ct = NULL; 122 found_ct = NULL;
@@ -136,7 +136,7 @@ static int count_them(struct net *net,
136 136
137 if (found == NULL) { 137 if (found == NULL) {
138 /* this one is gone */ 138 /* this one is gone */
139 list_del(&conn->list); 139 hlist_del(&conn->node);
140 kfree(conn); 140 kfree(conn);
141 continue; 141 continue;
142 } 142 }
@@ -147,7 +147,7 @@ static int count_them(struct net *net,
147 * closed already -> ditch it 147 * closed already -> ditch it
148 */ 148 */
149 nf_ct_put(found_ct); 149 nf_ct_put(found_ct);
150 list_del(&conn->list); 150 hlist_del(&conn->node);
151 kfree(conn); 151 kfree(conn);
152 continue; 152 continue;
153 } 153 }
@@ -167,7 +167,7 @@ static int count_them(struct net *net,
167 return -ENOMEM; 167 return -ENOMEM;
168 conn->tuple = *tuple; 168 conn->tuple = *tuple;
169 conn->addr = *addr; 169 conn->addr = *addr;
170 list_add(&conn->list, hash); 170 hlist_add_head(&conn->node, hash);
171 ++matches; 171 ++matches;
172 } 172 }
173 173
@@ -246,7 +246,7 @@ static int connlimit_mt_check(const struct xt_mtchk_param *par)
246 246
247 spin_lock_init(&info->data->lock); 247 spin_lock_init(&info->data->lock);
248 for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) 248 for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i)
249 INIT_LIST_HEAD(&info->data->iphash[i]); 249 INIT_HLIST_HEAD(&info->data->iphash[i]);
250 250
251 return 0; 251 return 0;
252} 252}
@@ -255,15 +255,15 @@ static void connlimit_mt_destroy(const struct xt_mtdtor_param *par)
255{ 255{
256 const struct xt_connlimit_info *info = par->matchinfo; 256 const struct xt_connlimit_info *info = par->matchinfo;
257 struct xt_connlimit_conn *conn; 257 struct xt_connlimit_conn *conn;
258 struct xt_connlimit_conn *tmp; 258 struct hlist_node *pos, *n;
259 struct list_head *hash = info->data->iphash; 259 struct hlist_head *hash = info->data->iphash;
260 unsigned int i; 260 unsigned int i;
261 261
262 nf_ct_l3proto_module_put(par->family); 262 nf_ct_l3proto_module_put(par->family);
263 263
264 for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) { 264 for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) {
265 list_for_each_entry_safe(conn, tmp, &hash[i], list) { 265 hlist_for_each_entry_safe(conn, pos, n, &hash[i], node) {
266 list_del(&conn->list); 266 hlist_del(&conn->node);
267 kfree(conn); 267 kfree(conn);
268 } 268 }
269 } 269 }