| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Dec 2007 15:15:48 +0100 From: Patrick McHardy <kaber@...sh.net> To: Sami Farin <safari-netfilter@...ari.iki.fi> CC: David Miller <davem@...emloft.net>, dada1@...mosbay.com, jarkao2@...il.com, netfilter-devel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [NETFILTER] xt_hashlimit : speedups hash_dst() Sami Farin wrote: > On Sat, Dec 15, 2007 at 21:42:19 -0800, David Miller wrote: >> From: Eric Dumazet <dada1@...mosbay.com> >> Date: Sat, 15 Dec 2007 12:04:47 +0100 >> >>> I prefer to let admins chose their size, since it makes attacker life more >>> difficult :) >>> >>> For example, I can tell you I have a server, were size is between 2.000.000 >>> and 3.500.000, I dont want to be forced to use 2097152 >>> >>> A multiply is cheap, at least on current hardware. >> I agree, and I see nothing wrong with Eric's patch and it >> should be merged ASAP. > > You could do the same optimization for > net/netfilter/nf_conntrack_core.c:__hash_conntrack() , too. Yes, I already took care of that for conntrack and other netfilter non-power-of-two hashes. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists