diff options
author | Changli Gao <xiaosuo@gmail.com> | 2011-03-15 08:25:42 -0400 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2011-03-15 08:25:42 -0400 |
commit | 3e0d5149e6dcbe7111a63773a07c5b33f7ca7236 (patch) | |
tree | c7f1ff1800144902b9bf413d8d3a28824b766098 /net/netfilter | |
parent | 0e23ca14f8e76091b402c01e2b169aba3d187b98 (diff) |
netfilter: xt_connlimit: use hlist instead
The header of hlist is smaller than list.
Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r-- | net/netfilter/xt_connlimit.c | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c index ade2a806a48e..da56d6ec13c9 100644 --- a/net/netfilter/xt_connlimit.c +++ b/net/netfilter/xt_connlimit.c | |||
@@ -33,14 +33,14 @@ | |||
33 | 33 | ||
34 | /* we will save the tuples of all connections we care about */ | 34 | /* we will save the tuples of all connections we care about */ |
35 | struct xt_connlimit_conn { | 35 | struct xt_connlimit_conn { |
36 | struct list_head list; | 36 | struct hlist_node node; |
37 | struct nf_conntrack_tuple tuple; | 37 | struct nf_conntrack_tuple tuple; |
38 | union nf_inet_addr addr; | 38 | union nf_inet_addr addr; |
39 | }; | 39 | }; |
40 | 40 | ||
41 | struct xt_connlimit_data { | 41 | struct xt_connlimit_data { |
42 | struct list_head iphash[256]; | 42 | struct hlist_head iphash[256]; |
43 | spinlock_t lock; | 43 | spinlock_t lock; |
44 | }; | 44 | }; |
45 | 45 | ||
46 | static u_int32_t connlimit_rnd __read_mostly; | 46 | static u_int32_t connlimit_rnd __read_mostly; |
@@ -102,9 +102,9 @@ static int count_them(struct net *net, | |||
102 | { | 102 | { |
103 | const struct nf_conntrack_tuple_hash *found; | 103 | const struct nf_conntrack_tuple_hash *found; |
104 | struct xt_connlimit_conn *conn; | 104 | struct xt_connlimit_conn *conn; |
105 | struct xt_connlimit_conn *tmp; | 105 | struct hlist_node *pos, *n; |
106 | struct nf_conn *found_ct; | 106 | struct nf_conn *found_ct; |
107 | struct list_head *hash; | 107 | struct hlist_head *hash; |
108 | bool addit = true; | 108 | bool addit = true; |
109 | int matches = 0; | 109 | int matches = 0; |
110 | 110 | ||
@@ -116,7 +116,7 @@ static int count_them(struct net *net, | |||
116 | rcu_read_lock(); | 116 | rcu_read_lock(); |
117 | 117 | ||
118 | /* check the saved connections */ | 118 | /* check the saved connections */ |
119 | list_for_each_entry_safe(conn, tmp, hash, list) { | 119 | hlist_for_each_entry_safe(conn, pos, n, hash, node) { |
120 | found = nf_conntrack_find_get(net, NF_CT_DEFAULT_ZONE, | 120 | found = nf_conntrack_find_get(net, NF_CT_DEFAULT_ZONE, |
121 | &conn->tuple); | 121 | &conn->tuple); |
122 | found_ct = NULL; | 122 | found_ct = NULL; |
@@ -136,7 +136,7 @@ static int count_them(struct net *net, | |||
136 | 136 | ||
137 | if (found == NULL) { | 137 | if (found == NULL) { |
138 | /* this one is gone */ | 138 | /* this one is gone */ |
139 | list_del(&conn->list); | 139 | hlist_del(&conn->node); |
140 | kfree(conn); | 140 | kfree(conn); |
141 | continue; | 141 | continue; |
142 | } | 142 | } |
@@ -147,7 +147,7 @@ static int count_them(struct net *net, | |||
147 | * closed already -> ditch it | 147 | * closed already -> ditch it |
148 | */ | 148 | */ |
149 | nf_ct_put(found_ct); | 149 | nf_ct_put(found_ct); |
150 | list_del(&conn->list); | 150 | hlist_del(&conn->node); |
151 | kfree(conn); | 151 | kfree(conn); |
152 | continue; | 152 | continue; |
153 | } | 153 | } |
@@ -167,7 +167,7 @@ static int count_them(struct net *net, | |||
167 | return -ENOMEM; | 167 | return -ENOMEM; |
168 | conn->tuple = *tuple; | 168 | conn->tuple = *tuple; |
169 | conn->addr = *addr; | 169 | conn->addr = *addr; |
170 | list_add(&conn->list, hash); | 170 | hlist_add_head(&conn->node, hash); |
171 | ++matches; | 171 | ++matches; |
172 | } | 172 | } |
173 | 173 | ||
@@ -246,7 +246,7 @@ static int connlimit_mt_check(const struct xt_mtchk_param *par) | |||
246 | 246 | ||
247 | spin_lock_init(&info->data->lock); | 247 | spin_lock_init(&info->data->lock); |
248 | for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) | 248 | for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) |
249 | INIT_LIST_HEAD(&info->data->iphash[i]); | 249 | INIT_HLIST_HEAD(&info->data->iphash[i]); |
250 | 250 | ||
251 | return 0; | 251 | return 0; |
252 | } | 252 | } |
@@ -255,15 +255,15 @@ static void connlimit_mt_destroy(const struct xt_mtdtor_param *par) | |||
255 | { | 255 | { |
256 | const struct xt_connlimit_info *info = par->matchinfo; | 256 | const struct xt_connlimit_info *info = par->matchinfo; |
257 | struct xt_connlimit_conn *conn; | 257 | struct xt_connlimit_conn *conn; |
258 | struct xt_connlimit_conn *tmp; | 258 | struct hlist_node *pos, *n; |
259 | struct list_head *hash = info->data->iphash; | 259 | struct hlist_head *hash = info->data->iphash; |
260 | unsigned int i; | 260 | unsigned int i; |
261 | 261 | ||
262 | nf_ct_l3proto_module_put(par->family); | 262 | nf_ct_l3proto_module_put(par->family); |
263 | 263 | ||
264 | for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) { | 264 | for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) { |
265 | list_for_each_entry_safe(conn, tmp, &hash[i], list) { | 265 | hlist_for_each_entry_safe(conn, pos, n, &hash[i], node) { |
266 | list_del(&conn->list); | 266 | hlist_del(&conn->node); |
267 | kfree(conn); | 267 | kfree(conn); |
268 | } | 268 | } |
269 | } | 269 | } |