[NETFILTER]: nf_conntrack: reduce timer updates in __nf_ct_refresh_ac…

…ct() Only update the conntrack timer if there's been at least HZ jiffies since the last update. Reduces the number of del_timer/add_timer cycles from one per packet to one per connection per second (plus once for each state change of a connection) Should handle timer wraparounds and connection timeout changes. Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> Signed-off-by: Patrick McHardy <kaber@trash.net>
git-mirror · Dec 3, 2006 · be00c8e · be00c8e
1 parent 824621e
commit be00c8e
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
@@ -864,9 +864,14 @@ void __nf_ct_refresh_acct(struct nf_conn *ct,
 		ct->timeout.expires = extra_jiffies;
 		event = IPCT_REFRESH;
 	} else {
-		/* Need del_timer for race avoidance (may already be dying). */
-		if (del_timer(&ct->timeout)) {
-			ct->timeout.expires = jiffies + extra_jiffies;
+		unsigned long newtime = jiffies + extra_jiffies;
+
+		/* Only update the timeout if the new timeout is at least
+		   HZ jiffies from the old timeout. Need del_timer for race
+		   avoidance (may already be dying). */
+		if (newtime - ct->timeout.expires >= HZ
+		    && del_timer(&ct->timeout)) {
+			ct->timeout.expires = newtime;
 			add_timer(&ct->timeout);
 			event = IPCT_REFRESH;
 		}