From 8beb0492c84dbec73febce36559ff244f77ec08e Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Wed, 22 Dec 2004 00:37:10 +0000 Subject: Don't need ipt_entry_target()/ip6t_entry_target() now kernel uses static inline instead of extern inline (otherwise it doesn't compile without -O). Don't re-initialize libiptc/libip6t unless modprobe attempt actually succeeds. This makes nfsim run about 20 times faster, as it doesn't have to explore failures in the first iptc_init(). --- ip6tables.c | 23 ++++++++--------------- iptables.c | 23 ++++++++--------------- 2 files changed, 16 insertions(+), 30 deletions(-) diff --git a/ip6tables.c b/ip6tables.c index ced26a55..aac95316 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -148,14 +148,6 @@ static struct option original_opts[] = { * magic number of -1 */ int line = -1; -#ifndef __OPTIMIZE__ -struct ip6t_entry_target * -ip6t_get_target(struct ip6t_entry *e) -{ - return (void *)e + e->target_offset; -} -#endif - static struct option *opts = original_opts; static unsigned int global_option_offset = 0; @@ -1624,6 +1616,7 @@ int ip6tables_insmod(const char *modname, const char *modprobe) { char *buf = NULL; char *argv[3]; + int status; /* If they don't explicitly set it, read out of kernel */ if (!modprobe) { @@ -1641,16 +1634,18 @@ int ip6tables_insmod(const char *modname, const char *modprobe) execv(argv[0], argv); /* not usually reached */ - exit(0); + exit(1); case -1: return -1; default: /* parent */ - wait(NULL); + wait(&status); } free(buf); - return 0; + if (WIFEXITED(status) && WEXITSTATUS(status) == 0) + return 0; + return -1; } static struct ip6t_entry * @@ -2193,11 +2188,9 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle) if (!*handle) *handle = ip6tc_init(*table); - if (!*handle) { - /* try to insmod the module if iptc_init failed */ - ip6tables_insmod("ip6_tables", modprobe); + /* try to insmod the module if iptc_init failed */ + if (!*handle && ip6tables_insmod("ip6_tables", modprobe) != -1) *handle = ip6tc_init(*table); - } if (!*handle) exit_error(VERSION_PROBLEM, diff --git a/iptables.c b/iptables.c index c6f19c22..7c003ad1 100644 --- a/iptables.c +++ b/iptables.c @@ -147,14 +147,6 @@ static struct option original_opts[] = { * magic number of -1 */ int line = -1; -#ifndef __OPTIMIZE__ -struct ipt_entry_target * -ipt_get_target(struct ipt_entry *e) -{ - return (void *)e + e->target_offset; -} -#endif - static struct option *opts = original_opts; static unsigned int global_option_offset = 0; @@ -1622,6 +1614,7 @@ int iptables_insmod(const char *modname, const char *modprobe) { char *buf = NULL; char *argv[3]; + int status; /* If they don't explicitly set it, read out of kernel */ if (!modprobe) { @@ -1639,16 +1632,18 @@ int iptables_insmod(const char *modname, const char *modprobe) execv(argv[0], argv); /* not usually reached */ - exit(0); + exit(1); case -1: return -1; default: /* parent */ - wait(NULL); + wait(&status); } free(buf); - return 0; + if (WIFEXITED(status) && WEXITSTATUS(status) == 0) + return 0; + return -1; } static struct ipt_entry * @@ -2193,11 +2188,9 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle) if (!*handle) *handle = iptc_init(*table); - if (!*handle) { - /* try to insmod the module if iptc_init failed */ - iptables_insmod("ip_tables", modprobe); + /* try to insmod the module if iptc_init failed */ + if (!*handle && iptables_insmod("ip_tables", modprobe) != -1) *handle = iptc_init(*table); - } if (!*handle) exit_error(VERSION_PROBLEM, -- cgit v1.2.3