[NETFILTER]: NAT optimization.

The following patch against 2.6.0-test4 (courtesy of Patrick McHardy) optimizes the NAT code. In the old implementation, the hash function was passed to the LIST_DELETE macro, which resulted in it being called two times instead of one.

[NETFILTER]: NAT optimization.
The following patch against 2.6.0-test4 (courtesy of Patrick McHardy) optimizes the NAT code. In the old implementation, the hash function was passed to the LIST_DELETE macro, which resulted in it being called two times instead of one.
db4c3d53 · Harald Welte · Stephen Hemminger · 9646f503 · db4c3d53
Commit db4c3d53 authored Aug 23, 2003 by Harald Welte Committed by Stephen Hemminger Aug 23, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 17 deletions

net/ipv4/netfilter/ip_nat_core.c net/ipv4/netfilter/ip_nat_core.c +16 -17

No files found.
--- a/net/ipv4/netfilter/ip_nat_core.c
+++ b/net/ipv4/netfilter/ip_nat_core.c
@@ -68,6 +68,7 @@ hash_by_src(const struct ip_conntrack_manip *manip, u_int16_t proto)
 static void ip_nat_cleanup_conntrack(struct ip_conntrack *conn)
 {
 	struct ip_nat_info *info = &conn->nat.info;
+	unsigned int hs, hp;
 	if (!info->initialized)
 		return;
@@ -75,21 +76,18 @@ static void ip_nat_cleanup_conntrack(struct ip_conntrack *conn)
 	IP_NF_ASSERT(info->bysource.conntrack);
 	IP_NF_ASSERT(info->byipsproto.conntrack);
+	hs = hash_by_src(&conn->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src,
+	                 conn->tuplehash[IP_CT_DIR_ORIGINAL]
+	                 .tuple.dst.protonum);
+	hp = hash_by_ipsproto(conn->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip,
+	                      conn->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip,
+	                      conn->tuplehash[IP_CT_DIR_REPLY]
+	                      .tuple.dst.protonum);
 	WRITE_LOCK(&ip_nat_lock);
-	LIST_DELETE(&bysource[hash_by_src(&conn->tuplehash[IP_CT_DIR_ORIGINAL]
+	LIST_DELETE(&bysource[hs], &info->bysource);
-					  .tuple.src,
+	LIST_DELETE(&byipsproto[hp], &info->byipsproto);
-					  conn->tuplehash[IP_CT_DIR_ORIGINAL]
-					  .tuple.dst.protonum)],
-		    &info->bysource);
-	LIST_DELETE(&byipsproto
-		    [hash_by_ipsproto(conn->tuplehash[IP_CT_DIR_REPLY]
-				      .tuple.src.ip,
-				      conn->tuplehash[IP_CT_DIR_REPLY]
-				      .tuple.dst.ip,
-				      conn->tuplehash[IP_CT_DIR_REPLY]
-				      .tuple.dst.protonum)],
-		    &info->byipsproto);
 	WRITE_UNLOCK(&ip_nat_lock);
 }
@@ -246,11 +244,12 @@ count_maps(u_int32_t src, u_int32_t dst, u_int16_t protonum,
 	   const struct ip_conntrack *conntrack)
 {
 	unsigned int score = 0;
+	unsigned int h;
 	MUST_BE_READ_LOCKED(&ip_nat_lock);
-	LIST_FIND(&byipsproto[hash_by_ipsproto(src, dst, protonum)],
+	h = hash_by_ipsproto(src, dst, protonum);
-		  fake_cmp, struct ip_nat_hash *, src, dst, protonum, &score,
+	LIST_FIND(&byipsproto[h], fake_cmp, struct ip_nat_hash *,
-		  conntrack);
+	          src, dst, protonum, &score, conntrack);
 	return score;
 }