diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2005-10-17 08:43:36 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2005-10-17 08:43:36 +0000 |
| commit | 39fabf35216b41e26fde1267b94c91b0684dcba2 (patch) | |
| tree | 4f38d7d737c137e9efdcf90a5f79c72f0a1a1ff4 /sys/netinet | |
| parent | 232a2a344188b9fbf9d6c7825619aa59ddafa7e5 (diff) | |
make pf use one mbuf tag instead of 6 distinct ones. use a little struct
in the data part for the data from the previously distinct tags.
look up the tag early and carry a pointer to it around.
makes the code easier and saves some tag lookups and thus helps performance,
as proven by tests run by Schberle Dniel <Schoeberle.Daniel@aamtech.hu>
Initially hacked up somewhere over the atlantic ocean in an A330
early testing reyk and moritz, "put it in" theo
Diffstat (limited to 'sys/netinet')
| -rw-r--r-- | sys/netinet/ip_icmp.c | 19 | ||||
| -rw-r--r-- | sys/netinet/tcp_input.c | 16 | ||||
| -rw-r--r-- | sys/netinet/udp_usrreq.c | 16 |
3 files changed, 33 insertions, 18 deletions
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index f82e5ab5fe7..69ffef86641 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_icmp.c,v 1.68 2005/07/31 03:30:55 pascoe Exp $ */ +/* $OpenBSD: ip_icmp.c,v 1.69 2005/10/17 08:43:34 henning Exp $ */ /* $NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $ */ /* @@ -134,8 +134,10 @@ icmp_do_error(struct mbuf *n, int type, int code, n_long dest, int destmtu) unsigned oiplen = oip->ip_hl << 2; struct icmp *icp; struct mbuf *m; - struct m_tag *mtag; unsigned icmplen, mblen; +#if NPF > 0 + struct pf_mtag *mtag; +#endif #ifdef ICMPPRINTFS if (icmpprintfs) @@ -251,13 +253,14 @@ icmp_do_error(struct mbuf *n, int type, int code, n_long dest, int destmtu) nip->ip_p = IPPROTO_ICMP; nip->ip_src = oip->ip_src; nip->ip_dst = oip->ip_dst; - /* move PF_GENERATED m_tag to new packet, if it exists */ - mtag = m_tag_find(n, PACKET_TAG_PF_GENERATED, NULL); - if (mtag != NULL) { - m_tag_unlink(n, mtag); - m_tag_prepend(m, mtag); +#if NPF > 0 + /* move PF_GENERATED to new packet, if existant XXX preserve more? */ + if ((mtag = pf_find_mtag(n)) != NULL && + mtag->flags & PF_TAG_GENERATED) { + mtag = pf_get_tag(m); + mtag->flags |= PF_TAG_GENERATED; } - +#endif m_freem(n); return (m); diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 71ff36cf3df..d95fd196561 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_input.c,v 1.190 2005/08/11 11:39:36 markus Exp $ */ +/* $OpenBSD: tcp_input.c,v 1.191 2005/10/17 08:43:34 henning Exp $ */ /* $NetBSD: tcp_input.c,v 1.23 1996/02/13 23:43:44 christos Exp $ */ /* @@ -604,19 +604,25 @@ findpcb: break; } if (inp == 0) { + int inpl_flags = 0; +#if NPF > 0 + struct pf_mtag *t; + + if ((t = pf_find_mtag(m)) != NULL && + t->flags & PF_TAG_TRANSLATE_LOCALHOST) + inpl_flags = INPLOOKUP_WILDCARD; +#endif ++tcpstat.tcps_pcbhashmiss; switch (af) { #ifdef INET6 case AF_INET6: inp = in6_pcblookup_listen(&tcbtable, - &ip6->ip6_dst, th->th_dport, m_tag_find(m, - PACKET_TAG_PF_TRANSLATE_LOCALHOST, NULL) != NULL); + &ip6->ip6_dst, th->th_dport, inpl_flags); break; #endif /* INET6 */ case AF_INET: inp = in_pcblookup_listen(&tcbtable, - ip->ip_dst, th->th_dport, m_tag_find(m, - PACKET_TAG_PF_TRANSLATE_LOCALHOST, NULL) != NULL); + ip->ip_dst, th->th_dport, inpl_flags); break; } /* diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 587ae62f5c3..46ff8c86d36 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.104 2005/05/27 04:55:28 mcbride Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.105 2005/10/17 08:43:34 henning Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -525,17 +525,23 @@ udp_input(struct mbuf *m, ...) inp = in_pcbhashlookup(&udbtable, ip->ip_src, uh->uh_sport, ip->ip_dst, uh->uh_dport); if (inp == 0) { + int inpl_reverse = 0; +#if NPF > 0 + struct pf_mtag *t; + + if ((t = pf_find_mtag(m)) != NULL && + t->flags & PF_TAG_TRANSLATE_LOCALHOST) + inpl_reverse = 1; +#endif ++udpstat.udps_pcbhashmiss; #ifdef INET6 if (ip6) { inp = in6_pcblookup_listen(&udbtable, - &ip6->ip6_dst, uh->uh_dport, m_tag_find(m, - PACKET_TAG_PF_TRANSLATE_LOCALHOST, NULL) != NULL); + &ip6->ip6_dst, uh->uh_dport, inpl_reverse); } else #endif /* INET6 */ inp = in_pcblookup_listen(&udbtable, - ip->ip_dst, uh->uh_dport, m_tag_find(m, - PACKET_TAG_PF_TRANSLATE_LOCALHOST, NULL) != NULL); + ip->ip_dst, uh->uh_dport, inpl_reverse); if (inp == 0) { udpstat.udps_noport++; if (m->m_flags & (M_BCAST | M_MCAST)) { |