[Bug 621] New: xt_recent recent_entry_hash function
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Sun Nov 15 00:08:45 CET 2009
http://bugzilla.netfilter.org/show_bug.cgi?id=621
Summary: xt_recent recent_entry_hash function
Product: netfilter/iptables
Version: linux-2.6.x
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P1
Component: ip_tables (kernel)
AssignedTo: laforge at netfilter.org
ReportedBy: kondratev.pavel at gmail.com
translate.google.com helps me to write this message.
the module xt_recent, check to initialize the initial hash is made constantly
when adding / finding ip
IMO should be moved to initialize the initial hash in recent_mt_init, and
remove the check is not necessary.
------------patch-----------------
--- xt_recent.orig 2009-11-15 04:04:14.785353036 +0500
+++ xt_recent.new 2009-11-15 04:06:09.022851724 +0500
@@ -95,20 +95,12 @@
static unsigned int recent_entry_hash4(const union nf_inet_addr *addr)
{
- if (!hash_rnd_initted) {
- get_random_bytes(&hash_rnd, sizeof(hash_rnd));
- hash_rnd_initted = true;
- }
return jhash_1word((__force u32)addr->ip, hash_rnd) &
(ip_list_hash_size - 1);
}
static unsigned int recent_entry_hash6(const union nf_inet_addr *addr)
{
- if (!hash_rnd_initted) {
- get_random_bytes(&hash_rnd, sizeof(hash_rnd));
- hash_rnd_initted = true;
- }
return jhash2((u32 *)addr->ip6, ARRAY_SIZE(addr->ip6), hash_rnd) &
(ip_list_hash_size - 1);
}
@@ -645,6 +637,8 @@
return -EINVAL;
ip_list_hash_size = 1 << fls(ip_list_tot);
+ get_random_bytes(&hash_rnd, sizeof(hash_rnd));
+
err = xt_register_matches(recent_mt_reg, ARRAY_SIZE(recent_mt_reg));
#ifdef CONFIG_PROC_FS
if (err)
------------end patch-----------------
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the netfilter-buglog
mailing list