|
|
@@ -58,8 +58,7 @@ struct xt_connlimit_rb {
|
|
|
static spinlock_t xt_connlimit_locks[CONNLIMIT_LOCK_SLOTS] __cacheline_aligned_in_smp;
|
|
|
|
|
|
struct xt_connlimit_data {
|
|
|
- struct rb_root climit_root4[CONNLIMIT_SLOTS];
|
|
|
- struct rb_root climit_root6[CONNLIMIT_SLOTS];
|
|
|
+ struct rb_root climit_root[CONNLIMIT_SLOTS];
|
|
|
};
|
|
|
|
|
|
static u_int32_t connlimit_rnd __read_mostly;
|
|
|
@@ -294,13 +293,11 @@ static int count_them(struct net *net,
|
|
|
int count;
|
|
|
u32 hash;
|
|
|
|
|
|
- if (family == NFPROTO_IPV6) {
|
|
|
+ if (family == NFPROTO_IPV6)
|
|
|
hash = connlimit_iphash6(addr, mask);
|
|
|
- root = &data->climit_root6[hash];
|
|
|
- } else {
|
|
|
+ else
|
|
|
hash = connlimit_iphash(addr->ip & mask->ip);
|
|
|
- root = &data->climit_root4[hash];
|
|
|
- }
|
|
|
+ root = &data->climit_root[hash];
|
|
|
|
|
|
spin_lock_bh(&xt_connlimit_locks[hash % CONNLIMIT_LOCK_SLOTS]);
|
|
|
|
|
|
@@ -379,10 +376,8 @@ static int connlimit_mt_check(const struct xt_mtchk_param *par)
|
|
|
return -ENOMEM;
|
|
|
}
|
|
|
|
|
|
- for (i = 0; i < ARRAY_SIZE(info->data->climit_root4); ++i)
|
|
|
- info->data->climit_root4[i] = RB_ROOT;
|
|
|
- for (i = 0; i < ARRAY_SIZE(info->data->climit_root6); ++i)
|
|
|
- info->data->climit_root6[i] = RB_ROOT;
|
|
|
+ for (i = 0; i < ARRAY_SIZE(info->data->climit_root); ++i)
|
|
|
+ info->data->climit_root[i] = RB_ROOT;
|
|
|
|
|
|
return 0;
|
|
|
}
|
|
|
@@ -413,10 +408,8 @@ static void connlimit_mt_destroy(const struct xt_mtdtor_param *par)
|
|
|
|
|
|
nf_ct_netns_put(par->net, par->family);
|
|
|
|
|
|
- for (i = 0; i < ARRAY_SIZE(info->data->climit_root4); ++i)
|
|
|
- destroy_tree(&info->data->climit_root4[i]);
|
|
|
- for (i = 0; i < ARRAY_SIZE(info->data->climit_root6); ++i)
|
|
|
- destroy_tree(&info->data->climit_root6[i]);
|
|
|
+ for (i = 0; i < ARRAY_SIZE(info->data->climit_root); ++i)
|
|
|
+ destroy_tree(&info->data->climit_root[i]);
|
|
|
|
|
|
kfree(info->data);
|
|
|
}
|
Taehee Yoo