From: Florian Westphal <fw@strlen.de>
To: Arif Hossain <freefall1986@gmail.com>
Cc: netfilter@vger.kernel.org, netfilter-devel@vger.kernel.org
Subject: Re: netfilter_queue : use --queue-balance in multithreaded environment
Date: Tue, 6 Mar 2012 22:45:18 +0100 [thread overview]
Message-ID: <20120306214518.GB19133@Chamillionaire.breakpoint.cc> (raw)
In-Reply-To: <1330681120.2106.14.camel@arifLaptop>
Arif Hossain <freefall1986@gmail.com> wrote:
> I'm using libnetfilter_queue for userspace modification of
> incoming/outgoing packets. I have been using a single threaded model.
> But i've found out that from 2.6.31 kernel, its possible to have
> different queues for different connection. so i was wandering if its
> possible to manage each queues in different threads.
Its usually simpler to just run several instances of the same program,
easier to maintain/debug and avoids locking/race conditions...
If you have requirements that make this a bad choice (e.g. memory
usage), then yes, you can use threads.
See
http://git.breakpoint.cc/cgi-bin/gitweb.cgi?p=fw/afcd.git;a=blob;f=src/in/in_nl.c;h=e298bd073f3c7e0c62432510c2b3f7de953df1ec;hb=74a2df00cdee5f3ff8360b32d711d5db086b5355#l351
for a program that does this.
> if i initialize above in the main thread and want to run the callbacks
> in threads, is it enough to run infinite loop in a function which will
> be given to pthread_create()? Will it run the callbacks in threads?
Yes.
> i'm not sure, but my understanding tells me, a packet is popped from the
> queues when nfq_set_verdict is returned. so i need to run
> nfq_set_verdict in separate threads so that i packets can be popped from
> queues parallel.
I don't understand this part. Basically all the processing do this
(see url above for full example):
static int nfnl_queue_cb(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
struct nfq_data *nfa, void *data) {
[..]
ret = nfq_get_payload(nfa, &pkt);
do_something(pkt);
return nfq_set_verdict2( .. )
}
static void *_thread_main(void *arg) {
[..]
while (!thread_should_stop) {
ssize_t rv = read(fd, buf, nfq_buf_len);
if (rv > 0)
nfq_handle_packet(nfq_h, buf, (int) rv);
else
/* error ... */
}
/* cleanup */
return NULL;
}
All the threads then run nfnl_queue_cb() independently.
Of course, you'll need to add proper locking if they need to
access shared data structures...
prev parent reply other threads:[~2012-03-06 21:45 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-02 9:38 netfilter_queue : use --queue-balance in multithreaded environment Arif Hossain
2012-03-06 21:45 ` Florian Westphal [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120306214518.GB19133@Chamillionaire.breakpoint.cc \
--to=fw@strlen.de \
--cc=freefall1986@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).