summaryrefslogtreecommitdiffstats
path: root/src/conntrack/api.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2012-01-04 11:50:28 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2012-01-04 12:08:22 +0100
commit00c2c9dca32eb8eb8687b42fc6d135f35eaa5ff8 (patch)
tree165dc4759be70221168fe401c8c7b8114ea3039e /src/conntrack/api.c
parentac39464a7619955adf9b317c829a0de0379d7c04 (diff)
src: put nf_expect and nf_conntrack into diet
Now, struct nf_expect takes only 192 bytes, instead of 1KB. struct nf_conntrack takes 296 bytes instead of 328 bytes. The size of the nf_expect structure has been reduced by rearranging the layout of the nf_conntrack structure. For the nf_conntrack case, this removes the allocation of room for attributes that the master tuple does not use (more specifically, the NATseq bytes). This patch modifies the binary layout of struct nf_conntrack. This should not be a problem since the definition of this object is opaque (it can be only accessed via get/set API). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack/api.c')
-rw-r--r--src/conntrack/api.c38
1 files changed, 19 insertions, 19 deletions
diff --git a/src/conntrack/api.c b/src/conntrack/api.c
index 738aa51..d3d9bdb 100644
--- a/src/conntrack/api.c
+++ b/src/conntrack/api.c
@@ -377,7 +377,7 @@ void nfct_set_attr(struct nf_conntrack *ct,
if (set_attr_array[type]) {
set_attr_array[type](ct, value);
- set_bit(type, ct->set);
+ set_bit(type, ct->head.set);
}
}
@@ -451,7 +451,7 @@ const void *nfct_get_attr(const struct nf_conntrack *ct,
return NULL;
}
- if (!test_bit(type, ct->set)) {
+ if (!test_bit(type, ct->head.set)) {
errno = ENODATA;
return NULL;
}
@@ -542,7 +542,7 @@ int nfct_attr_is_set(const struct nf_conntrack *ct,
errno = EINVAL;
return -1;
}
- return test_bit(type, ct->set);
+ return test_bit(type, ct->head.set);
}
/**
@@ -567,7 +567,7 @@ int nfct_attr_is_set_array(const struct nf_conntrack *ct,
errno = EINVAL;
return -1;
}
- if (!test_bit(type_array[i], ct->set))
+ if (!test_bit(type_array[i], ct->head.set))
return 0;
}
return 1;
@@ -590,7 +590,7 @@ int nfct_attr_unset(struct nf_conntrack *ct,
errno = EINVAL;
return -1;
}
- unset_bit(type, ct->set);
+ unset_bit(type, ct->head.set);
return 0;
}
@@ -615,7 +615,7 @@ void nfct_set_attr_grp(struct nf_conntrack *ct,
if (set_attr_grp_array[type]) {
set_attr_grp_array[type](ct, data);
- set_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET);
+ set_bitmask_u32(ct->head.set, attr_grp_bitmask[type], __NFCT_BITSET);
}
}
@@ -638,7 +638,7 @@ int nfct_get_attr_grp(const struct nf_conntrack *ct,
errno = EINVAL;
return -1;
}
- if (!test_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET)) {
+ if (!test_bitmask_u32(ct->head.set, attr_grp_bitmask[type], __NFCT_BITSET)) {
errno = ENODATA;
return -1;
}
@@ -663,7 +663,7 @@ int nfct_attr_grp_is_set(const struct nf_conntrack *ct,
errno = EINVAL;
return -1;
}
- return test_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET);
+ return test_bitmask_u32(ct->head.set, attr_grp_bitmask[type], __NFCT_BITSET);
}
/**
@@ -683,7 +683,7 @@ int nfct_attr_grp_unset(struct nf_conntrack *ct,
errno = EINVAL;
return -1;
}
- unset_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET);
+ unset_bitmask_u32(ct->head.set, attr_grp_bitmask[type], __NFCT_BITSET);
return 0;
}
@@ -1128,10 +1128,10 @@ void nfct_copy(struct nf_conntrack *ct1,
}
if (flags == NFCT_CP_ALL) {
for (i=0; i<ATTR_MAX; i++) {
- if (test_bit(i, ct2->set)) {
+ if (test_bit(i, ct2->head.set)) {
assert(copy_attr_array[i]);
copy_attr_array[i](ct1, ct2);
- set_bit(i, ct1->set);
+ set_bit(i, ct1->head.set);
}
}
return;
@@ -1154,10 +1154,10 @@ void nfct_copy(struct nf_conntrack *ct1,
if (flags & NFCT_CP_ORIG) {
for (i=0; i<__CP_ORIG_MAX; i++) {
- if (test_bit(cp_orig_mask[i], ct2->set)) {
+ if (test_bit(cp_orig_mask[i], ct2->head.set)) {
assert(copy_attr_array[i]);
copy_attr_array[cp_orig_mask[i]](ct1, ct2);
- set_bit(cp_orig_mask[i], ct1->set);
+ set_bit(cp_orig_mask[i], ct1->head.set);
}
}
}
@@ -1176,20 +1176,20 @@ void nfct_copy(struct nf_conntrack *ct1,
if (flags & NFCT_CP_REPL) {
for (i=0; i<__CP_REPL_MAX; i++) {
- if (test_bit(cp_repl_mask[i], ct2->set)) {
+ if (test_bit(cp_repl_mask[i], ct2->head.set)) {
assert(copy_attr_array[i]);
copy_attr_array[cp_repl_mask[i]](ct1, ct2);
- set_bit(cp_repl_mask[i], ct1->set);
+ set_bit(cp_repl_mask[i], ct1->head.set);
}
}
}
if (flags & NFCT_CP_META) {
for (i=ATTR_TCP_STATE; i<ATTR_MAX; i++) {
- if (test_bit(i, ct2->set)) {
+ if (test_bit(i, ct2->head.set)) {
assert(copy_attr_array[i]),
copy_attr_array[i](ct1, ct2);
- set_bit(i, ct1->set);
+ set_bit(i, ct1->head.set);
}
}
}
@@ -1207,10 +1207,10 @@ void nfct_copy_attr(struct nf_conntrack *ct1,
const struct nf_conntrack *ct2,
const enum nf_conntrack_attr type)
{
- if (test_bit(type, ct2->set)) {
+ if (test_bit(type, ct2->head.set)) {
assert(copy_attr_array[type]);
copy_attr_array[type](ct1, ct2);
- set_bit(type, ct1->set);
+ set_bit(type, ct1->head.set);
}
}