diff options
author | Jozsef Kadlecsik <kadlec@netfilter.org> | 2020-10-29 16:39:48 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-10-31 11:54:42 +0100 |
commit | ccf0a4b7fc688561428290265e4effde41446668 (patch) | |
tree | ec0972501cdc0b4d899371c552b84c9a592d7840 /include/uapi/linux/netfilter | |
parent | netfilter: ipset: Support the -exist flag with the destroy command (diff) | |
download | linux-dev-ccf0a4b7fc688561428290265e4effde41446668.tar.xz linux-dev-ccf0a4b7fc688561428290265e4effde41446668.zip |
netfilter: ipset: Add bucketsize parameter to all hash types
The parameter defines the upper limit in any hash bucket at adding new entries
from userspace - if the limit would be exceeded, ipset doubles the hash size
and rehashes. It means the set may consume more memory but gives faster
evaluation at matching in the set.
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/uapi/linux/netfilter')
-rw-r--r-- | include/uapi/linux/netfilter/ipset/ip_set.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/uapi/linux/netfilter/ipset/ip_set.h b/include/uapi/linux/netfilter/ipset/ip_set.h index 11a72a938eb1..398f7b909b7d 100644 --- a/include/uapi/linux/netfilter/ipset/ip_set.h +++ b/include/uapi/linux/netfilter/ipset/ip_set.h @@ -96,7 +96,7 @@ enum { IPSET_ATTR_HASHSIZE, IPSET_ATTR_MAXELEM, IPSET_ATTR_NETMASK, - IPSET_ATTR_PROBES, + IPSET_ATTR_BUCKETSIZE, /* was unused IPSET_ATTR_PROBES */ IPSET_ATTR_RESIZE, IPSET_ATTR_SIZE, /* Kernel-only */ @@ -214,6 +214,8 @@ enum ipset_cadt_flags { enum ipset_create_flags { IPSET_CREATE_FLAG_BIT_FORCEADD = 0, IPSET_CREATE_FLAG_FORCEADD = (1 << IPSET_CREATE_FLAG_BIT_FORCEADD), + IPSET_CREATE_FLAG_BIT_BUCKETSIZE = 1, + IPSET_CREATE_FLAG_BUCKETSIZE = (1 << IPSET_CREATE_FLAG_BIT_BUCKETSIZE), IPSET_CREATE_FLAG_BIT_MAX = 7, }; |