git.osdn.net Git - tomoyo/tomoyo-test1.git/commit

author	Yi-Hung Wei <yihung.wei@gmail.com>
	Tue, 3 Jul 2018 00:33:40 +0000 (17:33 -0700)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 18 Jul 2018 09:26:32 +0000 (11:26 +0200)
commit	cb2b36f5a97df76f547fcc4ab444a02522fb6c96
tree	986120552e919158fb4cbca0d3e43903e577860e	tree \| snapshot
parent	2a406e8ac7c3e7e96b94d6c0765d5a4641970446	commit \| diff

netfilter: nf_conncount: Switch to plain list

Original patch is from Florian Westphal.

This patch switches from hlist to plain list to store the list of
connections with the same filtering key in nf_conncount. With the
plain list, we can insert new connections at the tail, so over time
the beginning of list holds long-running connections and those are
expired, while the newly creates ones are at the end.

Later on, we could probably move checked ones to the end of the list,
so the next run has higher chance to reclaim stale entries in the front.

Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_conntrack_count.h		diff \| blob \| history
net/netfilter/nf_conncount.c		diff \| blob \| history
net/netfilter/nft_connlimit.c		diff \| blob \| history