lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Feb 2009 15:52:49 +0100 (MET) From: Patrick McHardy <kaber@...sh.net> To: davem@...emloft.net Cc: netdev@...r.kernel.org, Patrick McHardy <kaber@...sh.net>, netfilter-devel@...r.kernel.org Subject: netfilter 04/06: nf_conntrack: don't try to deliver events for untracked connections commit 5962fc6d5fff09c8e6fb8cadcb18327a0f4277f7 Author: Patrick McHardy <kaber@...sh.net> Date: Wed Feb 18 15:30:34 2009 +0100 netfilter: nf_conntrack: don't try to deliver events for untracked connections The untracked conntrack actually does usually have events marked for delivery as its not special-cased in that part of the code. Skip the actual delivery since it impacts performance noticeably. Signed-off-by: Patrick McHardy <kaber@...sh.net> diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h index e78afe7..c25068e 100644 --- a/include/net/netfilter/nf_conntrack_core.h +++ b/include/net/netfilter/nf_conntrack_core.h @@ -59,7 +59,7 @@ static inline int nf_conntrack_confirm(struct sk_buff *skb) struct nf_conn *ct = (struct nf_conn *)skb->nfct; int ret = NF_ACCEPT; - if (ct) { + if (ct && ct != &nf_conntrack_untracked) { if (!nf_ct_is_confirmed(ct) && !nf_ct_is_dying(ct)) ret = __nf_conntrack_confirm(skb); nf_ct_deliver_cached_events(ct); -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists