condition for 2.6.16
Massimiliano Hofer
max at nucleus.it
Fri Apr 28 12:46:39 CEST 2006
On Friday 28 April 2006 9:12 am, Patrick McHardy wrote:
> I'm not really buying that argument, this can all also be done in
> userspace. But a lot of people seem to consider it useful, so I might
> reconsider if someone cleans it up so it at least doesn't need to walk
> the list of conditions for every packet it matches .. but no promises.
I'll set to work on it. I'll need to change the userspace interface, though.
The only O(1) way to do it is to store a pointer (or any other id) in the rule
itself. I didn't do it in the previous version because I though this was
really ugly. I can't find any other match doing a similar thing. Anyway I can
do it.
On the other hand I can make it a guaranteed O(log n) or average O(1) without
meddling the rule descriptor and with compatible userspace. What do you
prefer?
--
Saluti,
Massimiliano Hofer
Nucleus
More information about the netfilter-devel
mailing list