git: 6b94546a7ea2 - main - pf: partially depessimize pf_match_translation
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 09 Sep 2022 17:04:06 UTC
The branch main has been updated by mjg: URL: https://cgit.FreeBSD.org/src/commit/?id=6b94546a7ea2dc593f5765bd5465a8b7bb80c325 commit 6b94546a7ea2dc593f5765bd5465a8b7bb80c325 Author: Mateusz Guzik <mjg@FreeBSD.org> AuthorDate: 2022-09-09 16:37:00 +0000 Commit: Mateusz Guzik <mjg@FreeBSD.org> CommitDate: 2022-09-09 17:03:55 +0000 pf: partially depessimize pf_match_translation Reviewed by: kp Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf_lb.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/sys/netpfil/pf/pf_lb.c b/sys/netpfil/pf/pf_lb.c index 3803ff27a111..186634edbd56 100644 --- a/sys/netpfil/pf/pf_lb.c +++ b/sys/netpfil/pf/pf_lb.c @@ -136,7 +136,7 @@ pf_match_translation(struct pf_pdesc *pd, struct mbuf *m, int off, int asd = 0; r = TAILQ_FIRST(pf_main_ruleset.rules[rs_num].active.ptr); - while (r && rm == NULL) { + while (r != NULL) { struct pf_rule_addr *src = NULL, *dst = NULL; struct pf_addr_wrap *xdst = NULL; @@ -191,6 +191,12 @@ pf_match_translation(struct pf_pdesc *pd, struct mbuf *m, int off, rtableid = r->rtableid; if (r->anchor == NULL) { rm = r; + if (rm->action == PF_NONAT || + rm->action == PF_NORDR || + rm->action == PF_NOBINAT) { + rm = NULL; + } + break; } else pf_step_into_anchor(anchor_stack, &asd, &ruleset, rs_num, &r, NULL, NULL); @@ -205,9 +211,6 @@ pf_match_translation(struct pf_pdesc *pd, struct mbuf *m, int off, if (rtableid >= 0) M_SETFIB(m, rtableid); - if (rm != NULL && (rm->action == PF_NONAT || - rm->action == PF_NORDR || rm->action == PF_NOBINAT)) - return (NULL); return (rm); }