diff options
| author | Phil Sutter <phil@nwl.cc> | 2019-07-03 09:36:26 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-03 13:19:32 +0200 |
| commit | 0afa33d532c3bd1bf54d7e764ac32619cd73e028 (patch) | |
| tree | 27d13ae445972ba6eaab341714016c66716a06a7 | |
| parent | cb27c59055fe077f0c422fdad2be71e1bdbb687f (diff) | |
nft: Move send/receive buffer sizes into nft_handle
Store them next to the mnl_socket pointer. While being at it, add a
comment to mnl_set_rcvbuffer() explaining why the buffer size is
changed.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | iptables/nft.c | 17 | ||||
| -rw-r--r-- | iptables/nft.h | 2 |
2 files changed, 9 insertions, 10 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 4a528091..e927d1db 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -186,13 +186,11 @@ static void mnl_err_list_free(struct mnl_err *err) free(err); } -static int nlbuffsiz; - static void mnl_set_sndbuffer(struct nft_handle *h) { int newbuffsiz = nftnl_batch_iovec_len(h->batch) * BATCH_PAGE_SIZE; - if (newbuffsiz <= nlbuffsiz) + if (newbuffsiz <= h->nlsndbuffsiz) return; /* Rise sender buffer length to avoid hitting -EMSGSIZE */ @@ -200,23 +198,22 @@ static void mnl_set_sndbuffer(struct nft_handle *h) &newbuffsiz, sizeof(socklen_t)) < 0) return; - nlbuffsiz = newbuffsiz; + h->nlsndbuffsiz = newbuffsiz; } -static int nlrcvbuffsiz; - static void mnl_set_rcvbuffer(struct nft_handle *h, int numcmds) { int newbuffsiz = getpagesize() * numcmds; - if (newbuffsiz <= nlrcvbuffsiz) + if (newbuffsiz <= h->nlrcvbuffsiz) return; + /* Rise receiver buffer length to avoid hitting -ENOBUFS */ if (setsockopt(mnl_socket_get_fd(h->nl), SOL_SOCKET, SO_RCVBUFFORCE, &newbuffsiz, sizeof(socklen_t)) < 0) return; - nlrcvbuffsiz = newbuffsiz; + h->nlrcvbuffsiz = newbuffsiz; } static ssize_t mnl_nft_socket_sendmsg(struct nft_handle *h, int numcmds) @@ -807,8 +804,8 @@ static int nft_restart(struct nft_handle *h) return -1; h->portid = mnl_socket_get_portid(h->nl); - nlbuffsiz = 0; - nlrcvbuffsiz = 0; + h->nlsndbuffsiz = 0; + h->nlrcvbuffsiz = 0; return 0; } diff --git a/iptables/nft.h b/iptables/nft.h index 43eb8a39..dc116184 100644 --- a/iptables/nft.h +++ b/iptables/nft.h @@ -38,6 +38,8 @@ struct nft_cache { struct nft_handle { int family; struct mnl_socket *nl; + int nlsndbuffsiz; + int nlrcvbuffsiz; uint32_t portid; uint32_t seq; uint32_t nft_genid; |