nft: Move send/receive buffer sizes into nft_handle

author Phil Sutter <phil@nwl.cc>

Wed, 3 Jul 2019 07:36:26 +0000 (09:36 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Wed, 3 Jul 2019 11:19:32 +0000 (13:19 +0200)
author Phil Sutter <phil@nwl.cc>
Wed, 3 Jul 2019 07:36:26 +0000 (09:36 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Wed, 3 Jul 2019 11:19:32 +0000 (13:19 +0200)
diff --git a/iptables/nft.c b/iptables/nft.c

index 4a5280916e3b1913a3b5b4dcfb2eb11ae3f41505..e927d1db2b426930c104b9b36bf4fb8d1832b112 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -186,13 +186,11 @@ static void mnl_err_list_free(struct mnl_err *err)
         free(err);
  }
  
-static int nlbuffsiz;
-
  static void mnl_set_sndbuffer(struct nft_handle *h)
  {
         int newbuffsiz = nftnl_batch_iovec_len(h->batch) * BATCH_PAGE_SIZE;
  
-       if (newbuffsiz <= nlbuffsiz)
+       if (newbuffsiz <= h->nlsndbuffsiz)
                 return;
  
         /* Rise sender buffer length to avoid hitting -EMSGSIZE */
@@ -200,23 +198,22 @@ static void mnl_set_sndbuffer(struct nft_handle *h)
                        &newbuffsiz, sizeof(socklen_t)) < 0)
                 return;
  
-       nlbuffsiz = newbuffsiz;
+       h->nlsndbuffsiz = newbuffsiz;
  }
  
-static int nlrcvbuffsiz;
-
  static void mnl_set_rcvbuffer(struct nft_handle *h, int numcmds)
  {
         int newbuffsiz = getpagesize() * numcmds;
  
-       if (newbuffsiz <= nlrcvbuffsiz)
+       if (newbuffsiz <= h->nlrcvbuffsiz)
                 return;
  
+       /* Rise receiver buffer length to avoid hitting -ENOBUFS */
         if (setsockopt(mnl_socket_get_fd(h->nl), SOL_SOCKET, SO_RCVBUFFORCE,
                        &newbuffsiz, sizeof(socklen_t)) < 0)
                 return;
  
-       nlrcvbuffsiz = newbuffsiz;
+       h->nlrcvbuffsiz = newbuffsiz;
  }
  
  static ssize_t mnl_nft_socket_sendmsg(struct nft_handle *h, int numcmds)
@@ -807,8 +804,8 @@ static int nft_restart(struct nft_handle *h)
                 return -1;
  
         h->portid = mnl_socket_get_portid(h->nl);
-       nlbuffsiz = 0;
-       nlrcvbuffsiz = 0;
+       h->nlsndbuffsiz = 0;
+       h->nlrcvbuffsiz = 0;
  
         return 0;
  }
diff --git a/iptables/nft.h b/iptables/nft.h

index 43eb8a39dd9c1d5db1cdde344b1717135dc23743..dc1161840a38c1d3b750bfe6207effff64c0268c 100644 (file)
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -38,6 +38,8 @@ struct nft_cache {
  struct nft_handle {
         int                     family;
         struct mnl_socket       *nl;
+       int                     nlsndbuffsiz;
+       int                     nlrcvbuffsiz;
         uint32_t                portid;
         uint32_t                seq;
         uint32_t                nft_genid;
author	Phil Sutter <phil@nwl.cc>
	Wed, 3 Jul 2019 07:36:26 +0000 (09:36 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 3 Jul 2019 11:19:32 +0000 (13:19 +0200)
iptables/nft.c		patch \| blob \| blame \| history
iptables/nft.h		patch \| blob \| blame \| history