From patchwork Wed Aug  2 09:14:43 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Taehee Yoo <ap420073@gmail.com>
X-Patchwork-Id: 796570
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="guf5LgmP"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3xMnZj4VDwz9t0F
	for <incoming@patchwork.ozlabs.org>;
	Wed,  2 Aug 2017 19:14:53 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752365AbdHBJOw (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Wed, 2 Aug 2017 05:14:52 -0400
Received: from mail-pf0-f193.google.com ([209.85.192.193]:38753 "EHLO
	mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752323AbdHBJOv (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Wed, 2 Aug 2017 05:14:51 -0400
Received: by mail-pf0-f193.google.com with SMTP id e3so5427258pfc.5
	for <netfilter-devel@vger.kernel.org>;
	Wed, 02 Aug 2017 02:14:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=lxI6AFwqOQk/MbitbtD5M2pTzLcsyziWOtvAEGpGjb8=;
	b=guf5LgmPDx3UERwBeXe80fpcORBAAfidHlKyXRDgKm2+hF2FR8KQSI+KjckFjSvzI7
	IWnTJEJ8F5dE52Fve5Xp1OeK6uOveGp/k4Ie+cCBV+4zwPCdO1gXNw/Ww00z92ZJozCN
	cfx/ADdhs4P/Jnz5MdcgOrg/6WJ0nxWDkwAvFnSdrBhl4jjlS7THD1le+YRC4YodOwOa
	Ks436xAOyikhwY8Cdu7rTqgV7w3y0AVCpP9C2covIorcf+5WeRT+RfHBoDKfeC9H+Jus
	sM4b49yeYR40BEB1DjyQ7QZcmtwu3fZ0GWtyyXtlGp5yLU8ba5rx/HrK9DhBIrAJ+RA2
	8uCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=lxI6AFwqOQk/MbitbtD5M2pTzLcsyziWOtvAEGpGjb8=;
	b=Hxt77hY74KCCSw2YBp2FexNgrRdVsF/nO/zhF78BGV6TSWmf03nZ9P7Y4zzHjpdMXj
	3HSkwy8jEwLyCPpN3FO4iuEFTo17dAwAB2jQR0j/qwznRYjSnG6e22hYPlT7hoiH2a68
	y6dTm+BE3lPYC7eHkAROGy//NnkRHAI+h7kLUfbihYxz0/3BBoGEZNRIzWhwVHe1z/5h
	yUujOgiO2tJ4cAJy364ROVDQ0GDrsNvn1K1PDDXuJpsjpd0SudJWSRKF6TrNIZ1lpF3Z
	DFFOVaf7DWXX76YyQXYNnqcPMCT/anbn6otaBrELGlkBfCvshig9OVjbl6B0l+KNRfPm
	zcMg==
X-Gm-Message-State: AIVw110bR/89vBpCu+JLIPKZxI7sS3LR7j9qolc6mWfDxhWtkw+cgdaw
	zbpwopa5cw0npg==
X-Received: by 10.84.214.22 with SMTP id h22mr23907339pli.277.1501665291373;
	Wed, 02 Aug 2017 02:14:51 -0700 (PDT)
Received: from thyoo-B70EV-AP77BXE.8.8.8.8 ([175.113.82.80])
	by smtp.gmail.com with ESMTPSA id
	m190sm36340877pfb.102.2017.08.02.02.14.49
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 02 Aug 2017 02:14:50 -0700 (PDT)
From: Taehee Yoo <ap420073@gmail.com>
To: pablo@netfilter.org, fw@strlen.de, netfilter-devel@vger.kernel.org
Cc: ap420073@gmail.com
Subject: [PATCH] netfilter: connlimit: merge root4 and root6.
Date: Wed,  2 Aug 2017 18:14:43 +0900
Message-Id: <20170802091443.32713-1-ap420073@gmail.com>
X-Mailer: git-send-email 2.9.3
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

The root4 variable is used only when connlimit extension module has been
stored by the iptables command. and the roo6 variable is used only when
connlimit extension module has been stored by the ip6tables command.
So the root4 and roo6 variable does not be used at the same time.

Signed-off-by: Taehee Yoo <ap420073@gmail.com>
---
 net/netfilter/xt_connlimit.c | 23 ++++++++---------------
 1 file changed, 8 insertions(+), 15 deletions(-)

diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index 97589b8..ffa8eec 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -58,8 +58,7 @@ struct xt_connlimit_rb {
 static spinlock_t xt_connlimit_locks[CONNLIMIT_LOCK_SLOTS] __cacheline_aligned_in_smp;
 
 struct xt_connlimit_data {
-	struct rb_root climit_root4[CONNLIMIT_SLOTS];
-	struct rb_root climit_root6[CONNLIMIT_SLOTS];
+	struct rb_root climit_root[CONNLIMIT_SLOTS];
 };
 
 static u_int32_t connlimit_rnd __read_mostly;
@@ -294,13 +293,11 @@ static int count_them(struct net *net,
 	int count;
 	u32 hash;
 
-	if (family == NFPROTO_IPV6) {
+	if (family == NFPROTO_IPV6)
 		hash = connlimit_iphash6(addr, mask);
-		root = &data->climit_root6[hash];
-	} else {
+	else
 		hash = connlimit_iphash(addr->ip & mask->ip);
-		root = &data->climit_root4[hash];
-	}
+	root = &data->climit_root[hash];
 
 	spin_lock_bh(&xt_connlimit_locks[hash % CONNLIMIT_LOCK_SLOTS]);
 
@@ -379,10 +376,8 @@ static int connlimit_mt_check(const struct xt_mtchk_param *par)
 		return -ENOMEM;
 	}
 
-	for (i = 0; i < ARRAY_SIZE(info->data->climit_root4); ++i)
-		info->data->climit_root4[i] = RB_ROOT;
-	for (i = 0; i < ARRAY_SIZE(info->data->climit_root6); ++i)
-		info->data->climit_root6[i] = RB_ROOT;
+	for (i = 0; i < ARRAY_SIZE(info->data->climit_root); ++i)
+		info->data->climit_root[i] = RB_ROOT;
 
 	return 0;
 }
@@ -413,10 +408,8 @@ static void connlimit_mt_destroy(const struct xt_mtdtor_param *par)
 
 	nf_ct_netns_put(par->net, par->family);
 
-	for (i = 0; i < ARRAY_SIZE(info->data->climit_root4); ++i)
-		destroy_tree(&info->data->climit_root4[i]);
-	for (i = 0; i < ARRAY_SIZE(info->data->climit_root6); ++i)
-		destroy_tree(&info->data->climit_root6[i]);
+	for (i = 0; i < ARRAY_SIZE(info->data->climit_root); ++i)
+		destroy_tree(&info->data->climit_root[i]);
 
 	kfree(info->data);
 }