lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1321287325.2272.52.camel@edumazet-HP-Compaq-6005-Pro-SFF-PC>
Date:	Mon, 14 Nov 2011 17:15:25 +0100
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Miroslav Kratochvil <exa.exa@...il.com>
Cc:	netdev@...r.kernel.org
Subject: Re: tc: deleting single entry from filter hashtable

Le dimanche 13 novembre 2011 à 22:19 +0100, Miroslav Kratochvil a
écrit :
> Hello,
> 
> I have following problem: For performance reasons I've been using a
> setup known from LARTC as 'hashing filters', just like here:
> 
> http://lartc.org/howto/lartc.adv-filter.hashing.html
> 
> For the same performance reasons, I'd like to be able to delete or
> change a _single_ entry from the hash table, so I don't need to refill
> the whole table on every change I need to do (which can get pretty
> slow for amount of entries over 10k, even when using a C program that
> pushes the commands right into 'tc -batch')
> 
> Question: Is the single deletion/modification possible? If not --
> judging from the lack of the documentation on given subject I kindof
> expect that it's not possible -- is there any other possibility to
> delete at least some reasonably small subset of the hash table that
> could be modified and recreated quickly?
> 
> Also, here's my (failed) approach: I tried to assign different prio's
> to all hashtable entries so they could be deleted by reference to that
> prio, but after passing through TC they got created with the same prio
> anyway..
> 
> Thanks for any help with this problem,

Not sure I understand the exact problem, but it is possible to delete a
single filter, and add a new one.

Be careful, since adding a new one really adds a new filter : duplicates
are not detected.

$ tc filter add dev eth0 parent 8001:0 protocol ip prio 100 u32 match ip src  1.2.0.0 classid 1:3
$ tc -s -d filter show dev eth0
filter parent 8001: protocol ip pref 100 u32 
filter parent 8001: protocol ip pref 100 u32 fh 800: ht divisor 1 
filter parent 8001: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:3  (rule hit 4 success 0)
  match 01020000/ffffffff at 12 (success 0 ) 
$ tc filter add dev eth0 parent 8001:0 protocol ip prio 100 u32 match ip src  1.2.0.0 classid 1:3
$ tc -s -d filter show dev eth0
filter parent 8001: protocol ip pref 100 u32 
filter parent 8001: protocol ip pref 100 u32 fh 800: ht divisor 1 
filter parent 8001: protocol ip pref 100 u32 fh 800::800 order 2048 key ht 800 bkt 0 flowid 1:3  (rule hit 4 success 0)
  match 01020000/ffffffff at 12 (success 0 ) 
filter parent 8001: protocol ip pref 100 u32 fh 800::801 order 2049 key ht 800 bkt 0 flowid 1:3  (rule hit 0 success 0)
  match 01020000/ffffffff at 12 (success 0 ) 



--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ