From: Patrick McHardy <kaber@trash.net>
To: Jan Engelhardt <jengelh@computergmbh.de>
Cc: Netfilter Developer Mailing List <netfilter-devel@lists.netfilter.org>
Subject: Re: xt_connlimit 20070625
Date: Thu, 28 Jun 2007 21:27:27 +0200 [thread overview]
Message-ID: <46840B9F.7080803@trash.net> (raw)
In-Reply-To: <Pine.LNX.4.64.0706282121220.22579@fbirervta.pbzchgretzou.qr>
Jan Engelhardt wrote:
> On Jun 25 2007 13:41, Patrick McHardy wrote:
>
>
>>>+ /* check the saved connections */
>>>+ list_for_each_entry_safe(conn, tmp, hash, list) {
>>>+ found = nf_conntrack_find_get(&conn->tuple, ct);
>>
>>Something for the hopefully near future: with ct_extend you could
>>allocate a dummy ct extension and use the destructor to remove
>>connections, which will avoid this expansive searching.
>
>
> There's just one problem... judging from example code
> (`a=96ef23541211a66adb0504d1451ee318965ac525; git diff $a^..$a` in your
> nf-2.6.23.git tree), the struct nf_ct_ext_type->cleanup() handler is only
> called with "struct nf_conn *", but that does not help at all. xt_connlimit
> needs the "struct xt_connlimit_data", which is only accessible through
> xt_match's void *matchinfo (per-match private info).
> Ideas?
I though you would store the struct xt_connlimit_conn in the
ct_extend area. The only reason I can think of why you'd need
the xt_connlimit_data is for the lock. So you could make the
lock global (which I think is fine) or add a pointer to the
data you need.
next prev parent reply other threads:[~2007-06-28 19:27 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-06-20 9:39 xt_connlimit 20070620_2 Jan Engelhardt
2007-06-20 17:21 ` Andrew Beverley
2007-06-22 11:14 ` Patrick McHardy
2007-06-22 11:36 ` Jan Engelhardt
2007-06-22 11:43 ` Patrick McHardy
2007-06-22 12:33 ` Jan Engelhardt
2007-06-22 12:42 ` Patrick McHardy
2007-06-22 13:22 ` Jan Engelhardt
2007-06-22 13:27 ` Patrick McHardy
2007-06-25 11:11 ` xt_connlimit 20070625 Jan Engelhardt
2007-06-25 11:41 ` Patrick McHardy
2007-06-25 11:45 ` Patrick McHardy
2007-06-25 12:36 ` Jan Engelhardt
2007-06-25 12:43 ` Patrick McHardy
2007-06-25 14:41 ` Jan Engelhardt
2007-06-25 14:46 ` Patrick McHardy
2007-06-25 15:01 ` Jan Engelhardt
2007-06-25 15:05 ` Patrick McHardy
2007-06-25 15:05 ` Patrick McHardy
2007-06-25 15:14 ` Jan Engelhardt
2007-06-28 19:23 ` Jan Engelhardt
2007-06-28 19:27 ` Patrick McHardy [this message]
2007-06-28 19:31 ` Jan Engelhardt
2007-06-28 19:33 ` Patrick McHardy
2007-06-28 19:48 ` Patrick McHardy
2007-06-28 19:51 ` xt_connlimit 20070628 Jan Engelhardt
2007-06-28 19:55 ` xt_connlimit 20070628 kernel Jan Engelhardt
2007-06-29 11:27 ` Patrick McHardy
2007-07-01 14:11 ` Jan Engelhardt
2007-07-02 12:27 ` Patrick McHardy
2007-07-02 15:38 ` Jan Engelhardt
2007-07-02 15:40 ` Patrick McHardy
2007-07-02 19:53 ` Jan Engelhardt
2007-07-03 11:14 ` Patrick McHardy
2007-07-03 11:31 ` Jan Engelhardt
2007-07-03 11:34 ` Patrick McHardy
2007-07-04 10:56 ` Jan Engelhardt
2007-07-04 14:52 ` Patrick McHardy
2007-07-04 15:11 ` Jan Engelhardt
2007-07-06 13:05 ` Patrick McHardy
2007-07-07 17:51 ` xt_connlimit 20070707 kernel Jan Engelhardt
2007-07-09 14:30 ` Patrick McHardy
2007-07-09 15:10 ` Jan Engelhardt
2007-07-09 15:20 ` Patrick McHardy
2007-07-09 15:29 ` Patrick McHardy
2007-07-09 15:32 ` Jan Engelhardt
2007-07-09 15:33 ` Patrick McHardy
2007-07-09 15:34 ` Patrick McHardy
2007-07-09 15:38 ` Jan Engelhardt
2007-07-09 15:43 ` Patrick McHardy
2007-07-13 14:18 ` Yasuyuki KOZAKAI
[not found] ` <200707131418.l6DEIudN010879@toshiba.co.jp>
2007-07-13 15:01 ` Jan Engelhardt
2007-07-13 15:03 ` Patrick McHardy
2007-07-13 15:13 ` Jan Engelhardt
2007-07-13 15:16 ` Patrick McHardy
2007-07-13 15:31 ` Jan Engelhardt
2007-07-13 15:42 ` Patrick McHardy
2007-07-13 16:08 ` Jan Engelhardt
2007-07-13 15:44 ` Yasuyuki KOZAKAI
[not found] ` <200707131544.l6DFivSf011446@toshiba.co.jp>
2007-07-13 16:09 ` Jan Engelhardt
2007-07-10 6:30 ` Yasuyuki KOZAKAI
2007-07-11 17:37 ` Jan Engelhardt
2007-07-11 18:04 ` Patrick McHardy
2007-07-11 18:18 ` Jan Engelhardt
2007-07-11 18:19 ` Jan Engelhardt
2007-07-11 18:25 ` Patrick McHardy
[not found] ` <200707100630.l6A6UBM1021597@toshiba.co.jp>
2007-07-11 13:23 ` Patrick McHardy
2007-07-04 8:55 ` xt_connlimit 20070628 kernel Yasuyuki KOZAKAI
2007-07-04 14:52 ` Patrick McHardy
2007-06-28 20:08 ` xt_connlimit 20070628 Jan Engelhardt
2007-06-25 18:51 ` xt_connlimit 20070620_2 Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46840B9F.7080803@trash.net \
--to=kaber@trash.net \
--cc=jengelh@computergmbh.de \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.