git.baikalelectronics.ru Git - kernel.git/commit

author	Florian Westphal <fw@strlen.de>
	Mon, 2 May 2016 16:39:55 +0000 (18:39 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 5 May 2016 14:39:47 +0000 (16:39 +0200)
commit	eff78f6992fb25ac719bf40acc3cfc4ebcd3e227
tree	89f2c12e4f197ac3876f5ebf01f61b7a3f49dd3e	tree \| snapshot
parent	3b8f8835f6a0261003102eb0d1ee439a4a1b0c97	commit \| diff

netfilter: conntrack: use a single hashtable for all namespaces

We already include netns address in the hash and compare the netns pointers
during lookup, so even if namespaces have overlapping addresses entries
will be spread across the table.

Assuming 64k bucket size, this change saves 0.5 mbyte per namespace on a
64bit system.

NAT bysrc and expectation hash is still per namespace, those will
changed too soon.

Future patch will also make conntrack object slab cache global again.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_conntrack_core.h		diff \| blob \| history
include/net/netns/conntrack.h		diff \| blob \| history
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c		diff \| blob \| history
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4_compat.c		diff \| blob \| history
net/netfilter/nf_conntrack_core.c		diff \| blob \| history
net/netfilter/nf_conntrack_helper.c		diff \| blob \| history
net/netfilter/nf_conntrack_netlink.c		diff \| blob \| history
net/netfilter/nf_conntrack_standalone.c		diff \| blob \| history
net/netfilter/nf_nat_core.c		diff \| blob \| history
net/netfilter/nfnetlink_cttimeout.c		diff \| blob \| history