| commit | 0079c5aee34880bcee7feee9960f0502c73dc5fa | |
| author | Tim Gardner <tim.gardner@canonical.com> | |
| Tue, 16 Mar 2010 18:53:13 +0000 (16 19:53 +0100) | ||
| committer | Patrick McHardy <kaber@trash.net> | |
| Wed, 17 Mar 2010 14:53:12 +0000 (17 15:53 +0100) | ||
| tree | a828b04c52f6650cbd654ca7b7de5ccdab5762c7 | treesnapshot (tar.gz zip) |
| parent | 5be4a4f589841ef06fd79b241de3d5353a6c5efa | commitdiff |
netfilter: xt_recent: add an entry reaper
One of the problems with the way xt_recent is implemented is that
there is no efficient way to remove expired entries. Of course,
one can write a rule '-m recent --remove', but you have to know
beforehand which entry to delete. This commit adds reaper
logic which checks the head of the LRU list when a rule
is invoked that has a '--seconds' value and XT_RECENT_REAP set. If an
entry ceases to accumulate time stamps, then it will eventually bubble
to the top of the LRU list where it is then reaped.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
One of the problems with the way xt_recent is implemented is that
there is no efficient way to remove expired entries. Of course,
one can write a rule '-m recent --remove', but you have to know
beforehand which entry to delete. This commit adds reaper
logic which checks the head of the LRU list when a rule
is invoked that has a '--seconds' value and XT_RECENT_REAP set. If an
entry ceases to accumulate time stamps, then it will eventually bubble
to the top of the LRU list where it is then reaped.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
| include/linux/netfilter/xt_recent.h | diffblobblamehistory | |
| net/netfilter/xt_recent.c | diffblobblamehistory |