#include <linux/netfilter_ipv4/ip_set_iptree.h>
+static int limit = MAX_RANGE;
+
/* Garbage collection interval in seconds: */
#define IPTREE_GC_TIME 5*60
/* Sleep so many milliseconds before trying again
struct ip_set_iptreec *ctree;
struct ip_set_iptreed *dtree;
unsigned char a,b,c,d;
+
+ if (!ip)
+ return -ERANGE;
*hash_ip = ip;
ABCD(a, b, c, d, hash_ip);
unsigned char a,b,c,d;
int ret = 0;
+ if (!ip || map->elements > limit)
+ /* We could call the garbage collector
+ * but it's probably overkill */
+ return -ERANGE;
+
*hash_ip = ip;
ABCD(a, b, c, d, hash_ip);
DP("%u %u %u %u timeout %u", a, b, c, d, timeout);
if (dtree->expires[d] == 0)
dtree->expires[d] = 1;
DP("%u %lu", d, dtree->expires[d]);
+ if (ret == 0)
+ map->elements++;
return ret;
}
struct ip_set_iptreed *dtree;
unsigned char a,b,c,d;
+ if (!ip)
+ return -ERANGE;
+
*hash_ip = ip;
ABCD(a, b, c, d, hash_ip);
DELIP_WALK(map, a, btree);
if (dtree->expires[d]) {
dtree->expires[d] = 0;
+ map->elements--;
return 0;
}
return -EEXIST;
a, b, c, d,
dtree->expires[d], jiffies);
if (map->timeout
- && time_before(dtree->expires[d], jiffies))
+ && time_before(dtree->expires[d], jiffies)) {
dtree->expires[d] = 0;
- else
+ map->elements--;
+ } else
k = 1;
}
}
}
memset(map, 0, sizeof(*map));
map->timeout = req->timeout;
+ map->elements = 0;
set->data = map;
init_gc_timer(set);
LOOP_WALK_END;
kmem_cache_free(branch_cachep, btree);
LOOP_WALK_END;
+ map->elements = 0;
}
static void destroy(struct ip_set *set)
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
MODULE_DESCRIPTION("iptree type of IP sets");
+module_param(limit, int, 0600);
+MODULE_PARM_DESC(limit, "maximal number of elements stored in the sets");
static int __init init(void)
{