>
> I'm wondering - how does it affect tools that load several thousands of IPs
> into a table? Like spamd, bgpd (for spam lists etc.), or pfctl for IP black
> lists (as distributed by ET).
>
> There are valid use cases with HUGE tables, but I have to admit that I didn't
> test your diff yet. Ju
> On 09.11.2015, at 22:21, Alexandr Nedvedicky
> wrote:
>
> On Sun, Nov 08, 2015 at 01:18:22PM +0100, Alexander Bluhm wrote:
>> On Sun, Nov 08, 2015 at 02:37:58AM +0100, Alexander Bluhm wrote:
+ for (i = 0; (i < size) && (rv == 0); i++) {
>>>
>>> rv is unitialized in the first interation
On Sun, Nov 08, 2015 at 01:18:22PM +0100, Alexander Bluhm wrote:
> On Sun, Nov 08, 2015 at 02:37:58AM +0100, Alexander Bluhm wrote:
> > > + for (i = 0; (i < size) && (rv == 0); i++) {
> >
> > rv is unitialized in the first interation
> >
> > > + io.pfrio_buffer = addr++;
> > > + r
Hello,
> On Wed, Oct 28, 2015 at 06:19:48PM +0100, Alexandr Nedvedicky wrote:
> > The idea has been proposed by Claudio at Varazdin.
>
> I guess the idea is to eliminate the workq. Or is ther naother
> reason to change it?
the primary goal is to kill work queues.
>
> Comments inline
>
thank
On Sun, Nov 08, 2015 at 02:37:58AM +0100, Alexander Bluhm wrote:
> > + for (i = 0; (i < size) && (rv == 0); i++) {
>
> rv is unitialized in the first interation
>
> > + io.pfrio_buffer = addr++;
> > + rv = ioctl(dev, DIOCRADDADDR, &io);
>
> I would suggest to return (-1) if
On Wed, Oct 28, 2015 at 06:19:48PM +0100, Alexandr Nedvedicky wrote:
> The idea has been proposed by Claudio at Varazdin.
I guess the idea is to eliminate the workq. Or is ther naother
reason to change it?
Comments inline
> Index: sbin/pfctl/pfctl_radix.c
> =
Hello,
this is the first patch in series of three. All patches modify PF radix
table API such the ioctl() functions accept one IP address per call.
The idea has been proposed by Claudio at Varazdin.
I still have to untangle pfr_commit_ktable() and DIOCRSETADDRS ioctl. Both
seem to be more compli
