From: Patrick McHardy <kaber@trash.net>
Date: Sun, 8 Jul 2007 05:37:38 +0000 (-0700)
Subject: [NETFILTER]: nf_conntrack: early_drop improvement
X-Git-Tag: v2.6.23-rc1~1109^2~55
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ae7730fd6d98be1afe8ad9ea77813de607ec970;p=pandora-kernel.git

[NETFILTER]: nf_conntrack: early_drop improvement

When the maximum number of conntrack entries is reached and a new
one needs to be allocated, conntrack tries to drop an unassured
connection from the same hash bucket the new conntrack would hash
to. Since with a properly sized hash the average number of entries
per bucket is 1, the chances of actually finding one are not very
good. This patch makes it walk the hash until a minimum number of
8 entries are checked.

Based on patch by Vasily Averin <vvs@sw.ru>.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

Reading git-diff-tree failed