Make size members of ebt_entry_* denote the size of the actual data. This makes ebt_do_table() go faster. 19 April 2002 --- linux/net/bridge/netfilter/ebtables.c Fri Apr 19 20:47:12 2002 +++ ebt2.0pre3.001/net/bridge/netfilter/ebtables.c Fri Apr 19 20:42:50 2002 @@ -65,7 +65,7 @@ const struct ebt_counter *c) { w->u.watcher->watcher(skb, in, out, w->data, - w->watcher_size - sizeof(struct ebt_entry_watcher), c); + w->watcher_size, c); // watchers don't give a verdict return 0; } @@ -77,7 +77,7 @@ const struct ebt_counter *c) { return m->u.match->match(skb, in, out, m->data, - m->match_size - sizeof(struct ebt_entry_match), c); + m->match_size, c); } static inline int ebt_dev_check(char *entry, const struct net_device *device) @@ -197,7 +197,7 @@ m->u.match = match; if (match->check && match->check(name, hook, e, m->data, - m->match_size - sizeof(*m)) != 0) { + m->match_size) != 0) { BUGPRINT("match->check failed\n"); up(&ebt_mutex); return -EINVAL; @@ -228,7 +228,7 @@ w->u.watcher = watcher; if (watcher->check && watcher->check(name, hook, e, w->data, - w->watcher_size - sizeof(*w)) != 0) { + w->watcher_size) != 0) { BUGPRINT("watcher->check failed\n"); up(&ebt_mutex); return -EINVAL; @@ -318,7 +318,7 @@ if (i && (*i)-- == 0) return 1; if (m->u.match->destroy) - m->u.match->destroy(m->data, m->match_size - sizeof(*m)); + m->u.match->destroy(m->data, m->match_size); if (m->u.match->me) __MOD_DEC_USE_COUNT(m->u.match->me); @@ -331,7 +331,7 @@ if (i && (*i)-- == 0) return 1; if (w->u.watcher->destroy) - w->u.watcher->destroy(w->data, w->watcher_size - sizeof(*w)); + w->u.watcher->destroy(w->data, w->watcher_size); if (w->u.watcher->me) __MOD_DEC_USE_COUNT(w->u.watcher->me); @@ -411,7 +411,7 @@ } } else if (t->u.target->check && t->u.target->check(name, hook, e, t->data, - t->target_size - sizeof(*t)) != 0) { + t->target_size) != 0) { if (t->u.target->me) __MOD_DEC_USE_COUNT(t->u.target->me); ret = -EFAULT; @@ -440,7 +440,7 @@ EBT_MATCH_ITERATE(e, ebt_cleanup_match, NULL); t = (struct ebt_entry_target *)(((char *)e) + e->target_offset); if (t->u.target->destroy) - t->u.target->destroy(t->data, t->target_size - sizeof(*t)); + t->u.target->destroy(t->data, t->target_size); if (t->u.target->me) __MOD_DEC_USE_COUNT(t->u.target->me); --- linux/include/linux/netfilter_bridge/ebtables.h Fri Apr 19 20:47:12 2002 +++ ebt2.0pre3.001/include/linux/netfilter_bridge/ebtables.h Fri Apr 19 20:50:24 2002 @@ -19,7 +19,7 @@ #define EBT_TABLE_MAXNAMELEN 32 #define EBT_FUNCTION_MAXNAMELEN EBT_TABLE_MAXNAMELEN -/* [gs]etsockopt numbers */ +// [gs]etsockopt numbers #define EBT_BASE_CTL 128 #define EBT_SO_SET_ENTRIES (EBT_BASE_CTL) @@ -84,7 +84,7 @@ char name[EBT_FUNCTION_MAXNAMELEN]; struct ebt_match *match; } u; - // size of this struct + size of data + // size of data unsigned int match_size; unsigned char data[0]; }; @@ -95,7 +95,7 @@ char name[EBT_FUNCTION_MAXNAMELEN]; struct ebt_watcher *watcher; } u; - // size of this struct + size of data + // size of data unsigned int watcher_size; unsigned char data[0]; }; @@ -106,7 +106,7 @@ char name[EBT_FUNCTION_MAXNAMELEN]; struct ebt_target *target; } u; - // size of this struct + size of data + // size of data unsigned int target_size; unsigned char data[0]; }; @@ -118,7 +118,7 @@ __u8 verdict; }; -/* one entry */ +// one entry struct ebt_entry { // this needs to be the first field __u32 bitmask; @@ -199,8 +199,8 @@ const void *targetdata, unsigned int datalen); // 0 == let it in - int (*check)(const char *tablename, unsigned int hooknr, const struct ebt_entry *e, - void *targetdata, unsigned int datalen); + int (*check)(const char *tablename, unsigned int hooknr, + const struct ebt_entry *e, void *targetdata, unsigned int datalen); void (*destroy)(void *targetdata, unsigned int datalen); struct module *me; }; @@ -227,7 +227,8 @@ rwlock_t lock; // e.g. could be the table explicitly only allows certain // matches, targets, ... 0 == let it in - int (*check)(const struct ebt_table_info *info, unsigned int valid_hooks); + int (*check)(const struct ebt_table_info *info, + unsigned int valid_hooks); // the data used by the kernel struct ebt_table_info *private; }; @@ -256,7 +257,8 @@ \ for (__i = sizeof(struct ebt_entry); \ __i < (e)->watchers_offset; \ - __i += __match->match_size) { \ + __i += __match->match_size + \ + sizeof(struct ebt_entry_match)) { \ __match = (void *)(e) + __i; \ \ __ret = fn(__match , ## args); \ @@ -278,7 +280,8 @@ \ for (__i = e->watchers_offset; \ __i < (e)->target_offset; \ - __i += __watcher->watcher_size) { \ + __i += __watcher->watcher_size + \ + sizeof(struct ebt_entry_watcher)) { \ __watcher = (void *)(e) + __i; \ \ __ret = fn(__watcher , ## args); \