| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Nov 2011 17:15:25 +0100 From: Eric Dumazet <eric.dumazet@...il.com> To: Miroslav Kratochvil <exa.exa@...il.com> Cc: netdev@...r.kernel.org Subject: Re: tc: deleting single entry from filter hashtable Le dimanche 13 novembre 2011 à 22:19 +0100, Miroslav Kratochvil a écrit : > Hello, > > I have following problem: For performance reasons I've been using a > setup known from LARTC as 'hashing filters', just like here: > > http://lartc.org/howto/lartc.adv-filter.hashing.html > > For the same performance reasons, I'd like to be able to delete or > change a _single_ entry from the hash table, so I don't need to refill > the whole table on every change I need to do (which can get pretty > slow for amount of entries over 10k, even when using a C program that > pushes the commands right into 'tc -batch') > > Question: Is the single deletion/modification possible? If not -- > judging from the lack of the documentation on given subject I kindof > expect that it's not possible -- is there any other possibility to > delete at least some reasonably small subset of the hash table that > could be modified and recreated quickly? > > Also, here's my (failed) approach: I tried to assign different prio's > to all hashtable entries so they could be deleted by reference to that > prio, but after passing through TC they got created with the same prio > anyway.. > > Thanks for any help with this problem, Not sure I understand the exact problem, but it is possible to delete a single filter, and add a new one. Be careful, since adding a new one really adds a new filter : duplicates are not detected. $ tc filter add dev eth0 parent 8001:0 protocol ip prio 100 u32 match ip src 1.2.0.0 classid 1:3 $ tc -s -d filter show dev eth0 filter parent 8001: protocol ip pref 100 u32 filter parent 8001: protocol ip pref 100 u32 fh 800: ht divisor 1 filter parent 8001: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:3 (rule hit 4 success 0) match 01020000/ffffffff at 12 (success 0 ) $ tc filter add dev eth0 parent 8001:0 protocol ip prio 100 u32 match ip src 1.2.0.0 classid 1:3 $ tc -s -d filter show dev eth0 filter parent 8001: protocol ip pref 100 u32 filter parent 8001: protocol ip pref 100 u32 fh 800: ht divisor 1 filter parent 8001: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:3 (rule hit 4 success 0) match 01020000/ffffffff at 12 (success 0 ) filter parent 8001: protocol ip pref 100 u32 fh 800::801 order 2049 key ht 800 bkt 0 flowid 1:3 (rule hit 0 success 0) match 01020000/ffffffff at 12 (success 0 ) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists