On Wed, Feb 20, 2002 at 11:03:22AM +0000, Gianni Tedesco wrote: > The reason I made them seperate is that they are quite large (12KB > altogether), the tables get written over for every packet each rule > sees. It seems like a waste of memory to have them replicated once per > rule per cpu if I could quite easily just do them once per cpu.
ok. I haven't looked at the code yet, sorry. But if there is no persistent data this is of course the right way. So it's just some preallocated memory whihc is reused all the time. > I currently have a fix which makes them an array which i index with > smp_processor_id(). If the checkentry function can be reentered on a UP > machine then this will break however... No, I cannot see how this should ever happen on UP. The whole iptables subsystem is called from within the network RX softirq, which is not reentrant on a single cpu. > // Gianni Tedesco <[EMAIL PROTECTED]> -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
