leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b752eff5be
linux/include/net/netfilter
History
Aaron Conole 960632ece6 netfilter: convert hook list to an array 
This converts the storage and layout of netfilter hook entries from a
linked list to an array.  After this commit, hook entries will be
stored adjacent in memory.  The next pointer is no longer required.

The ops pointers are stored at the end of the array as they are only
used in the register/unregister path and in the legacy br_netfilter code.

nf_unregister_net_hooks() is slower than needed as it just calls
nf_unregister_net_hook in a loop (i.e. at least n synchronize_net()
calls), this will be addressed in followup patch.

Test setup:
 - ixgbe 10gbit
 - netperf UDP_STREAM, 64 byte packets
 - 5 hooks: (raw + mangle prerouting, mangle+filter input, inet filter):
empty mangle and raw prerouting, mangle and filter input hooks:
353.9
this patch:
364.2

Signed-off-by: Aaron Conole <aconole@bytheb.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2017-08-28 17:44:00 +02:00
..
ipv4 netfilter: udplite: Remove duplicated udplite4/6 declaration 2017-04-09 00:08:22 +02:00
ipv6 netfilter: udplite: Remove duplicated udplite4/6 declaration 2017-04-09 00:08:22 +02:00
br_netfilter.h net: convert nf_bridge_info.use from atomic_t to refcount_t 2017-07-01 07:39:07 -07:00
nf_conntrack_acct.h
nf_conntrack_core.h netfilter: remove nf_ct_is_untracked 2017-04-15 11:51:33 +02:00
nf_conntrack_ecache.h nefilter: eache: reduce struct size from 32 to 24 byte 2017-04-19 17:55:17 +02:00
nf_conntrack_expect.h netfilter: expect: add and use nf_ct_expect_iterate helpers 2017-07-31 19:09:38 +02:00
nf_conntrack_extend.h netfilter: nf_ct_ext: invoke destroy even when ext is not attached 2017-05-01 11:48:49 +02:00
nf_conntrack_helper.h netfilter: nfnl_cthelper: reject del request if helper obj is in use 2017-05-15 12:42:29 +02:00
nf_conntrack_l3proto.h netfilter: conntrack: make protocol tracker pointers const 2017-08-24 18:52:33 +02:00
nf_conntrack_l4proto.h netfilter: conntrack: make protocol tracker pointers const 2017-08-24 18:52:33 +02:00
nf_conntrack_labels.h
nf_conntrack_seqadj.h
nf_conntrack_synproxy.h netfilter: synproxy: only register hooks when needed 2017-04-26 09:30:21 +02:00
nf_conntrack_timeout.h netfilter: conntrack: make protocol tracker pointers const 2017-08-24 18:52:33 +02:00
nf_conntrack_timestamp.h
nf_conntrack_tuple.h
nf_conntrack_zones.h
nf_conntrack.h netfilter: add and use nf_ct_unconfirmed_destroy 2017-07-31 19:09:39 +02:00
nf_dup_netdev.h netfilter: add and use nf_fwd_netdev_egress 2016-12-06 21:48:22 +01:00
nf_log.h netfilter: allow logging from non-init namespaces 2017-02-02 14:31:58 +01:00
nf_nat_core.h
nf_nat_helper.h netfilter: nat: nf_nat_mangle_{udp,tcp}_packet returns boolean 2017-04-06 22:01:38 +02:00
nf_nat_l3proto.h
nf_nat_l4proto.h netfilter: built-in NAT support for UDPlite 2016-12-04 20:45:32 +01:00
nf_nat_redirect.h
nf_nat.h netfilter: don't attach a nat extension by default 2017-04-26 09:30:22 +02:00
nf_queue.h netfilter: convert hook list to an array 2017-08-28 17:44:00 +02:00
nf_socket.h
nf_tables_core.h netfilter: nf_tables: keep chain counters away from hot path 2017-07-24 12:23:16 +02:00
nf_tables_ipv4.h
nf_tables_ipv6.h netfilter: nf_tables: set pktinfo->thoff at AH header if found 2017-03-08 18:35:27 +01:00
nf_tables.h netfilter: nf_tables: Allow object names of up to 255 chars 2017-07-31 20:41:59 +02:00
nfnetlink_log.h
nft_dup.h
nft_fib.h netfilter: nft_fib: Support existence check 2017-03-13 13:45:36 +01:00
nft_masq.h
nft_meta.h
nft_redir.h
nft_reject.h
xt_rateest.h net_sched: gen_estimator: complete rewrite of rate estimators 2016-12-05 15:21:59 -05:00