summaryrefslogtreecommitdiffstats
path: root/libiptc
diff options
context:
space:
mode:
author/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org>2004-12-18 17:18:49 +0000
committer/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf@netfilter.org>2004-12-18 17:18:49 +0000
commitd24c86bf172d302a00cdf57fd3b7b2f7fc113b39 (patch)
treef172a0f572c4912eb17932a2327849f0b9d7abd0 /libiptc
parenteb6854e080f99d34f372c0fbe11efda3eba3d9c0 (diff)
Implement some optimization for finding rules to replace in TC_REPLACE_ENTRY.
Stolen from TC_DELETE_NUM_ENTRY.
Diffstat (limited to 'libiptc')
-rw-r--r--libiptc/libiptc.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 218ff03..dfa2d1f 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -1,4 +1,4 @@
-/* Library which manipulates firewall rules. Version $Revision: 1.56 $ */
+/* Library which manipulates firewall rules. Version $Revision$ */
/* Architecture of firewall rules is as follows:
*
@@ -1319,11 +1319,18 @@ TC_REPLACE_ENTRY(const IPT_CHAINLABEL chain,
return 0;
}
- if (!(old = iptcc_get_rule_num(c, rulenum + 1))) {
+ if (rulenum >= c->num_rules) {
errno = E2BIG;
return 0;
}
+ /* Take advantage of the double linked list if possible. */
+ if (rulenum + 1 <= c->num_rules/2) {
+ old = iptcc_get_rule_num(c, rulenum + 1);
+ } else {
+ old = iptcc_get_rule_num_reverse(c, c->num_rules - rulenum);
+ }
+
if (!(r = iptcc_alloc_rule(c, e->next_offset))) {
errno = ENOMEM;
return 0;