From patchwork Sat May 30 05:54:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: wenxu X-Patchwork-Id: 218143 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.8 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7B70C433E0 for ; Sat, 30 May 2020 05:54:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 856A22074B for ; Sat, 30 May 2020 05:54:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728349AbgE3Fy4 (ORCPT ); Sat, 30 May 2020 01:54:56 -0400 Received: from m9784.mail.qiye.163.com ([220.181.97.84]:13452 "EHLO m9784.mail.qiye.163.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725813AbgE3Fyz (ORCPT ); Sat, 30 May 2020 01:54:55 -0400 Received: from localhost.localdomain (unknown [123.59.132.129]) by m9784.mail.qiye.163.com (Hmail) with ESMTPA id 1885040F40; Sat, 30 May 2020 13:54:54 +0800 (CST) From: wenxu@ucloud.cn To: paulb@mellanox.com, marcelo.leitner@gmail.com Cc: netdev@vger.kernel.org Subject: [PATCH v2] net/sched: act_ct: add nat mangle action only for NAT-conntrack Date: Sat, 30 May 2020 13:54:51 +0800 Message-Id: <1590818091-3548-1-git-send-email-wenxu@ucloud.cn> X-Mailer: git-send-email 1.8.3.1 X-HM-Spam-Status: e1kfGhgUHx5ZQUtXWQgYFAkeWUFZSVVJTEJCQkJCTEpIQ0JMTFlXWShZQU lCN1dZLVlBSVdZDwkaFQgSH1lBWR0iNQs4HDgjQzQMCEIfPR4oL0NLOhxWVlVCQ0hIKElZV1kJDh ceCFlBWTU0KTY6NyQpLjc#WVdZFhoPEhUdFFlBWTQwWQY+ X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6NC46Nhw5PTgxNz9WGhoeMyMW TThPCSlVSlVKTkJLQ0pDS0JPSkxDVTMWGhIXVQweFQMOOw4YFxQOH1UYFUVZV1kSC1lBWUpJSFVO QlVKSElVSklCWVdZCAFZQUpIQkM3Bg++ X-HM-Tid: 0a726425bc212086kuqy1885040f40 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: wenxu Currently add nat mangle action with comparing invert and ori tuple. It is better to check IPS_NAT_MASK flags first to avoid non necessary memcmp for non-NAT conntrack. Signed-off-by: wenxu --- net/sched/act_ct.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c index 1a76639..2057735 100644 --- a/net/sched/act_ct.c +++ b/net/sched/act_ct.c @@ -199,6 +199,9 @@ static int tcf_ct_flow_table_add_action_nat(struct net *net, const struct nf_conntrack_tuple *tuple = &ct->tuplehash[dir].tuple; struct nf_conntrack_tuple target; + if (!(ct->status & IPS_NAT_MASK)) + return 0; + nf_ct_invert_tuple(&target, &ct->tuplehash[!dir].tuple); switch (tuple->src.l3num) {