summaryrefslogtreecommitdiff
path: root/include/net
diff options
context:
space:
mode:
authorYi-Hung Wei <yihung.wei@gmail.com>2018-07-02 17:33:41 -0700
committerPablo Neira Ayuso <pablo@netfilter.org>2018-07-18 11:26:34 +0200
commit976afca1ceba53df6f4a543014e15d1c7a962571 (patch)
treed9d3e71727e1bc05208535ae8ef6fd8ea51540e7 /include/net
parentcb2b36f5a97df76f547fcc4ab444a02522fb6c96 (diff)
netfilter: nf_conncount: Early exit in nf_conncount_lookup() and cleanup
This patch is originally from Florian Westphal. This patch does the following three tasks. It applies the same early exit technique for nf_conncount_lookup(). Since now we keep the number of connections in 'struct nf_conncount_list', we no longer need to return the count in nf_conncount_lookup(). Moreover, we expose the garbage collection function nf_conncount_gc_list() for nft_connlimit. Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netfilter/nf_conntrack_count.h11
1 files changed, 7 insertions, 4 deletions
diff --git a/include/net/netfilter/nf_conntrack_count.h b/include/net/netfilter/nf_conntrack_count.h
index e4884e0e4f69..dbec17f674b7 100644
--- a/include/net/netfilter/nf_conntrack_count.h
+++ b/include/net/netfilter/nf_conntrack_count.h
@@ -21,10 +21,10 @@ unsigned int nf_conncount_count(struct net *net,
const struct nf_conntrack_tuple *tuple,
const struct nf_conntrack_zone *zone);
-unsigned int nf_conncount_lookup(struct net *net, struct nf_conncount_list *list,
- const struct nf_conntrack_tuple *tuple,
- const struct nf_conntrack_zone *zone,
- bool *addit);
+void nf_conncount_lookup(struct net *net, struct nf_conncount_list *list,
+ const struct nf_conntrack_tuple *tuple,
+ const struct nf_conntrack_zone *zone,
+ bool *addit);
void nf_conncount_list_init(struct nf_conncount_list *list);
@@ -32,6 +32,9 @@ bool nf_conncount_add(struct nf_conncount_list *list,
const struct nf_conntrack_tuple *tuple,
const struct nf_conntrack_zone *zone);
+void nf_conncount_gc_list(struct net *net,
+ struct nf_conncount_list *list);
+
void nf_conncount_cache_free(struct nf_conncount_list *list);
#endif