summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter/nf_tables.h
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2015-02-25 00:53:51 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2015-04-27 13:30:05 +0200
commit1c9b43818b9c7bd48b36626d04c9cea94c52fd87 (patch)
tree708c2bf365e8efc6783ab0244804224113c2a182 /include/linux/netfilter/nf_tables.h
parent259c0e74e97b4d769044a399992802c50ff43ce2 (diff)
src: add batch abstraction
This patch adds a new batch class to libnftnl, it basically generalizes what we already have. A batch is composed of one or more page objects. Every page may contain one or more netlink messages. batch * .------. .------. .------. | | | | | | | `----> | page |-->| page |-->...-->| page | | | | | | | `------' `------' `------' You can create a batch via: batch = nft_batch_alloc(...); This batch initially comes with one initial page. You can fetch a pointer to the next spare area in the current page to add a new netlink message to the batch. void *nft_batch_buffer(struct nft_batch *batch); Once you have added a netlink message, you have to call: nft_batch_update(batch); this internally updates the pointer to the next spare data area in the page. Every page has a limit threshold after which you start using the overrun area. page .------. | | | | . . page area | | | | |------|<--- limit | | | | overrun area | | '______'<--- real page size If we write over the limit, then the next call to nft_batch_update() results in a new empty page added to the batch. With careful page size and limit selection, we ensure that a netlink message always fit into the page, so we avoid the overhead of canceling the netlink message that doesn't fit in. Once your batch is complete, if you want to send it out to kernel-space, you can convert them to iovec via: nft_batch_iovec(batch, iov, iov_len); Then, after having sent the batch, you can release it via: nft_batch_free(batch); This class relies on the libmnl batching infrastructure. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux/netfilter/nf_tables.h')
0 files changed, 0 insertions, 0 deletions