diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-11-02 21:35:42 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-11-02 21:35:42 +0100 |
| commit | 76ac8ebe5e49385585c8e29fe530ed4baef390bf (patch) | |
| tree | 4d0bdca7d2f039a173152dde44818b13d485ec49 /include | |
| parent | 64ce47955778805afceb6ced58b63839763541ad (diff) | |
| download | conntrack-tools-76ac8ebe5e49385585c8e29fe530ed4baef390bf.tar.gz conntrack-tools-76ac8ebe5e49385585c8e29fe530ed4baef390bf.zip | |
network: rework TLV-based protocol
This patch reworks the TLV-based protocol to reduce the overhead
in the message building. The idea is to group some attributes
that must be present in a consistent configuration. Putting them
together help us to save some cycles in the message building.
Now, oprofile reports ~15% of samples in the build path instead
of ~25%. CPU consumption for 3000 HTTP GET requests per second
(1000 concurrent with apache benchmark tool) is ~45% in my
testbed, that is ~19% more consumption than with no replication
at all.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/network.h | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/include/network.h b/include/network.h index d2431f9..2487c81 100644 --- a/include/network.h +++ b/include/network.h @@ -178,6 +178,35 @@ struct netattr { #define NTA_ALIGN(len) (((len) + NTA_ALIGNTO - 1) & ~(NTA_ALIGNTO - 1)) #define NTA_LENGTH(len) (NTA_ALIGN(sizeof(struct netattr)) + (len)) +enum nta_attr { + NTA_IPV4 = 0, /* struct nfct_attr_grp_ipv4 */ + NTA_IPV6, /* struct nfct_attr_grp_ipv6 */ + NTA_L4PROTO, /* uint8_t */ + NTA_PORT, /* struct nfct_attr_grp_port */ + NTA_STATE = 4, /* uint8_t */ + NTA_STATUS, /* uint32_t */ + NTA_TIMEOUT, /* uint32_t */ + NTA_MARK, /* uint32_t */ + NTA_MASTER_IPV4 = 8, /* struct nfct_attr_grp_ipv4 */ + NTA_MASTER_IPV6, /* struct nfct_attr_grp_ipv6 */ + NTA_MASTER_L4PROTO, /* uint8_t */ + NTA_MASTER_PORT, /* struct nfct_attr_grp_port */ + NTA_SNAT_IPV4 = 12, /* uint32_t */ + NTA_DNAT_IPV4, /* uint32_t */ + NTA_SPAT_PORT, /* uint16_t */ + NTA_DPAT_PORT, /* uint16_t */ + NTA_NAT_SEQ_ADJ = 16, /* struct nta_attr_natseqadj */ +}; + +struct nta_attr_natseqadj { + uint32_t orig_seq_correction_pos; + uint32_t orig_seq_offset_before; + uint32_t orig_seq_offset_after; + uint32_t repl_seq_correction_pos; + uint32_t repl_seq_offset_before; + uint32_t repl_seq_offset_after; +}; + void build_netpld(struct nf_conntrack *ct, struct netpld *pld, int query); int parse_netpld(struct nf_conntrack *ct, struct nethdr *net, int *query, size_t remain); |