Changeset 42049


Ignore:
Timestamp:
2014-08-07T21:31:16+02:00 (3 years ago)
Author:
nbd
Message:

kernel: improve ipv4 netfilter optimization patch

Signed-off-by: Felix Fietkau <nbd@…>

Backport of r42045

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/barrier_breaker/target/linux/generic/patches-3.10/611-netfilter_match_bypass_default_table.patch

    r36663 r42049  
    3535 unsigned int 
    3636 ipt_do_table(struct sk_buff *skb, 
    37 @@ -334,6 +361,25 @@ ipt_do_table(struct sk_buff *skb, 
     37@@ -331,9 +358,27 @@ ipt_do_table(struct sk_buff *skb, 
     38        unsigned int addend; 
     39  
     40        /* Initialization */ 
     41+       IP_NF_ASSERT(table->valid_hooks & (1 << hook)); 
     42+       local_bh_disable(); 
     43+       private = table->private; 
     44+       cpu        = smp_processor_id(); 
     45+       table_base = private->entries[cpu]; 
     46+       e = get_entry(table_base, private->hook_entry[hook]); 
     47+       if (ipt_handle_default_rule(e, &verdict)) { 
     48+               ADD_COUNTER(e->counters, skb->len, 1); 
     49+               local_bh_enable(); 
     50+               return verdict; 
     51+       } 
     52+ 
    3853        ip = ip_hdr(skb); 
    3954        indev = in ? in->name : nulldevname; 
    4055        outdev = out ? out->name : nulldevname; 
    4156+ 
    42 +       IP_NF_ASSERT(table->valid_hooks & (1 << hook)); 
    43 +       local_bh_disable(); 
    4457+       addend = xt_write_recseq_begin(); 
    45 +       private = table->private; 
    46 +       cpu        = smp_processor_id(); 
    47 +       table_base = private->entries[cpu]; 
    4858+       jumpstack  = (struct ipt_entry **)private->jumpstack[cpu]; 
    4959+       stackptr   = per_cpu_ptr(private->stackptr, cpu); 
    5060+       origptr    = *stackptr; 
    5161+ 
    52 +       e = get_entry(table_base, private->hook_entry[hook]); 
    53 +       if (ipt_handle_default_rule(e, &verdict)) { 
    54 +               ADD_COUNTER(e->counters, skb->len, 1); 
    55 +               xt_write_recseq_end(addend); 
    56 +               local_bh_enable(); 
    57 +               return verdict; 
    58 +       } 
    59 + 
    6062        /* We handle fragments by dealing with the first fragment as 
    6163         * if it was a normal packet.  All other fragments are treated 
    6264         * normally, except that they will NEVER match rules that ask 
    63 @@ -348,18 +394,6 @@ ipt_do_table(struct sk_buff *skb, 
     65@@ -348,18 +393,6 @@ ipt_do_table(struct sk_buff *skb, 
    6466        acpar.family  = NFPROTO_IPV4; 
    6567        acpar.hooknum = hook; 
Note: See TracChangeset for help on using the changeset viewer.