summaryrefslogtreecommitdiffstats
path: root/iptables/nft-shared.h
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2020-10-02 09:44:38 +0200
committerPhil Sutter <phil@nwl.cc>2020-11-04 15:39:23 +0100
commit323259001d617ae359430a03ee3d3e7f107684e0 (patch)
treebb45b44cc1208b2e5607bdcd11d447db8e119cad /iptables/nft-shared.h
parent06a2eb727b0f350fcfea95839fc8c4674763a35d (diff)
nft: Optimize class-based IP prefix matches
Payload expression works on byte-boundaries, leverage this with suitable prefix lengths. Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft-shared.h')
-rw-r--r--iptables/nft-shared.h4
1 files changed, 4 insertions, 0 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 4440fd17..a5246334 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -247,4 +247,8 @@ void xtables_restore_parse(struct nft_handle *h,
const struct nft_xt_restore_parse *p);
void nft_check_xt_legacy(int family, bool is_ipt_save);
+
+#define min(x, y) ((x) < (y) ? (x) : (y))
+#define max(x, y) ((x) > (y) ? (x) : (y))
+
#endif