]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 55ddb6c) | patch
netfilter: ctnetlink: support CTA_FILTER for flush
authorChangliang Wu <changliang.wu@smartx.com>
Thu, 20 Jun 2024 11:35:27 +0000 (19:35 +0800)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 3 Sep 2024 08:47:16 +0000 (10:47 +0200)
commit1ef7f50ccc6e8e2b5de96ad1e304684a277a3055
treeaba0641aa02bdb7d027f29a9f76a2a1016db8ad9tree | snapshot
parent55ddb6c5a3aef8d8658fe31b1ddda007693ae797commit | diff
netfilter: ctnetlink: support CTA_FILTER for flush

From cb8aa9a, we can use kernel side filtering for dump, but
this capability is not available for flush.

This Patch allows advanced filter with CTA_FILTER for flush

Performace
1048576 ct flows in total, delete 50,000 flows by origin src ip
3.06s -> dump all, compare and delete
584ms -> directly flush with filter

Signed-off-by: Changliang Wu <changliang.wu@smartx.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_netlink.c diff | blob | blame | history
A mirror of Linus' kernel repository