Date: Wed, 13 Aug 2014 09:34:33 +0000 (UTC) From: "Alexander V. Chernikov" <melifaro@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r269924 - projects/ipfw/sys/netpfil/ipfw Message-ID: <201408130934.s7D9YXfn016596@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: melifaro Date: Wed Aug 13 09:34:33 2014 New Revision: 269924 URL: http://svnweb.freebsd.org/changeset/base/269924 Log: * Add jump_linear() function utilizing calculated skipto cache. * Update description for jump_fast() * Make jump_fast() users use JUMP() macro which is resolved to jump_fast() by default. Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw2.c Modified: projects/ipfw/sys/netpfil/ipfw/ip_fw2.c ============================================================================== --- projects/ipfw/sys/netpfil/ipfw/ip_fw2.c Wed Aug 13 08:24:48 2014 (r269923) +++ projects/ipfw/sys/netpfil/ipfw/ip_fw2.c Wed Aug 13 09:34:33 2014 (r269924) @@ -126,6 +126,12 @@ VNET_DEFINE(unsigned int, fw_tables_sets /* Use 128 tables by default */ static unsigned int default_fw_tables = IPFW_TABLES_DEFAULT; +static int jump_fast(struct ip_fw_chain *chain, struct ip_fw *f, int num, + int tablearg, int jump_backwards); +static int jump_linear(struct ip_fw_chain *chain, struct ip_fw *f, int num, + int tablearg, int jump_backwards); +#define JUMP(ch, f, num, targ, back) jump_fast(ch, f, num, targ, back) + /* * Each rule belongs to one of 32 different sets (0..31). * The variable set_disable contains one bit per set. @@ -798,7 +804,7 @@ set_match(struct ip_fw_args *args, int s /* * Helper function to enable cached rule lookups using - * x_next and next_rule fields in ipfw rule. + * cached_id and cached_pos fields in ipfw rule. */ static int jump_fast(struct ip_fw_chain *chain, struct ip_fw *f, int num, @@ -806,8 +812,8 @@ jump_fast(struct ip_fw_chain *chain, str { int f_pos; - /* If possible use cached f_pos (in f->next_rule), - * whose version is written in f->next_rule + /* If possible use cached f_pos (in f->cached_pos), + * whose version is written in f->cached_id * (horrible hacks to avoid changing the ABI). */ if (num != IP_FW_TARG && f->cached_id == chain->id) @@ -832,6 +838,24 @@ jump_fast(struct ip_fw_chain *chain, str } /* + * Helper function to enable real fast rule lookups. + */ +static int +jump_linear(struct ip_fw_chain *chain, struct ip_fw *f, int num, + int tablearg, int jump_backwards) +{ + int f_pos; + + num = IP_FW_ARG_TABLEARG(num); + /* make sure we do not jump backward */ + if (jump_backwards == 0 && num <= f->rulenum) + num = f->rulenum + 1; + f_pos = chain->idxmap[num]; + + return (f_pos); +} + +/* * The main check routine for the firewall. * * All arguments are in args so we can modify them and return them @@ -2190,7 +2214,7 @@ do { \ case O_SKIPTO: IPFW_INC_RULE_COUNTER(f, pktlen); - f_pos = jump_fast(chain, f, cmd->arg1, tablearg, 0); + f_pos = JUMP(chain, f, cmd->arg1, tablearg, 0); /* * Skip disabled rules, and re-enter * the inner loop with the correct @@ -2279,7 +2303,7 @@ do { \ if (IS_CALL) { stack[mtag->m_tag_id] = f->rulenum; mtag->m_tag_id++; - f_pos = jump_fast(chain, f, cmd->arg1, + f_pos = JUMP(chain, f, cmd->arg1, tablearg, 1); } else { /* `return' action */ mtag->m_tag_id--;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201408130934.s7D9YXfn016596>