From 79a7dc4da9702d05c5085acffe1c4f9cf72c26a6 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld"
Date: Wed, 21 Jun 2017 03:55:31 +0200
Subject: ratelimiter: rewrite from scratch

This not only removes the depenency on x_tables, but it also gives us much better performance and memory usage. Now, systems are able to have millions of WireGuard interfaces, without having to worry about a thundering herd of garbage collection.
---
 src/ratelimiter.h | 22 ++++------------------
 1 file changed, 4 insertions(+), 18 deletions(-)
(limited to 'src/ratelimiter.h')
diff --git a/src/ratelimiter.h b/src/ratelimiter.h
index c4dc9a7..fed73f7 100644
--- a/src/ratelimiter.h
+++ b/src/ratelimiter.h
@@ -3,24 +3,10 @@
 #ifndef RATELIMITER_H
 #define RATELIMITER_H
-#include
+#include
-struct wireguard_device;
-struct sk_buff;
-
-struct ratelimiter {
- struct net *net;
- struct xt_hashlimit_mtinfo1 v4_info;
-#if IS_ENABLED(CONFIG_IPV6)
- struct xt_hashlimit_mtinfo1 v6_info;
-#endif
-};
-
-int ratelimiter_init(struct ratelimiter *ratelimiter, struct wireguard_device *wg);
-void ratelimiter_uninit(struct ratelimiter *ratelimiter);
-bool ratelimiter_allow(struct ratelimiter *ratelimiter, struct sk_buff *skb);
-
-int ratelimiter_module_init(void);
-void ratelimiter_module_deinit(void);
+int ratelimiter_init(void);
+void ratelimiter_uninit(void);
+bool ratelimiter_allow(struct sk_buff *skb, struct net *net);
 #endif
--
cgit v1.2.3-59-g8ed1b
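Review bot: The three new prototypes at the end of the hunk have no comments, and with the `struct ratelimiter` argument removed the header no longer shows where the limiter state lives or who owns it. Because `ratelimiter_init(void)` and `ratelimiter_uninit(void)` take no arguments, the state is presumably global and shared by every interface. The header should say whether these calls are made once per module or once per device, and whether repeated calls are reference-counted. `ratelimiter_allow()` is a flood-protection gate, so its failure direction should be documented too, for example `/* Returns true if the packet's source may proceed; false when it is over the limit or no table entry can be allocated. */`. Confirm that wording against ratelimiter.c, which this diff does not show, and note whether the `net` argument keeps sources in different network namespaces from sharing an entry.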