diff options
| author | Jozsef Kadlecsik <kadlec@netfilter.org> | 2020-10-29 16:39:48 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-10-31 11:54:42 +0100 |
| commit | ccf0a4b7fc688561428290265e4effde41446668 (patch) | |
| tree | ec0972501cdc0b4d899371c552b84c9a592d7840 /include/linux/netfilter | |
| parent | a304ea7daf542b1e4a136be80bc973fc713e6ca6 (diff) | |
| download | linux-ccf0a4b7fc688561428290265e4effde41446668.tar.gz linux-ccf0a4b7fc688561428290265e4effde41446668.tar.bz2 linux-ccf0a4b7fc688561428290265e4effde41446668.zip | |
netfilter: ipset: Add bucketsize parameter to all hash types
The parameter defines the upper limit in any hash bucket at adding new entries
from userspace - if the limit would be exceeded, ipset doubles the hash size
and rehashes. It means the set may consume more memory but gives faster
evaluation at matching in the set.
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/linux/netfilter')
| -rw-r--r-- | include/linux/netfilter/ipset/ip_set.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h index ab192720e2d6..46d9a0c26c67 100644 --- a/include/linux/netfilter/ipset/ip_set.h +++ b/include/linux/netfilter/ipset/ip_set.h @@ -198,6 +198,9 @@ struct ip_set_region { u32 elements; /* Number of elements vs timeout */ }; +/* The max revision number supported by any set type + 1 */ +#define IPSET_REVISION_MAX 9 + /* The core set type structure */ struct ip_set_type { struct list_head list; @@ -215,6 +218,8 @@ struct ip_set_type { u8 family; /* Type revisions */ u8 revision_min, revision_max; + /* Revision-specific supported (create) flags */ + u8 create_flags[IPSET_REVISION_MAX+1]; /* Set features to control swapping */ u16 features; |