git.baikalelectronics.ru Git - kernel.git/commit

author	Yi-Hung Wei <yihung.wei@gmail.com>
	Tue, 3 Jul 2018 00:33:40 +0000 (17:33 -0700)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 18 Jul 2018 09:26:32 +0000 (11:26 +0200)
commit	05f4281742974df32c6479e9883d4dea68ea4f5b
tree	986120552e919158fb4cbca0d3e43903e577860e	tree \| snapshot
parent	6fb533a33f92defb8127700c8dcb5e0f4e2479f3	commit \| diff

netfilter: nf_conncount: Switch to plain list

Original patch is from Florian Westphal.

This patch switches from hlist to plain list to store the list of
connections with the same filtering key in nf_conncount. With the
plain list, we can insert new connections at the tail, so over time
the beginning of list holds long-running connections and those are
expired, while the newly creates ones are at the end.

Later on, we could probably move checked ones to the end of the list,
so the next run has higher chance to reclaim stale entries in the front.

Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_conntrack_count.h		diff \| blob \| history
net/netfilter/nf_conncount.c		diff \| blob \| history
net/netfilter/nft_connlimit.c		diff \| blob \| history