Be the first to post a text review of High Performance Packet Classification. Rate and review a project by clicking thumbs up or thumbs down in the right column.

View all reviews

• Forum thread added

  sputta created the Build problem HiPAC v0.9.1 kernel 2.6.18 forum thread

  posted by sputta 1160 days ago

• Forum comment added

  hno commented on the RE: Algorithm forum thread

  posted by hno 1162 days ago

• Forum thread added

  kumarasundaram created the Algorithm forum thread

  posted by kumarasundaram 1369 days ago

• nf-hipac 0.9.1 file released: nf-hipac-0.9.1.tar.bz2

  o Bugfixes + fixed bug in netdev helper + fixed gcc 3.4 and 4.0 compile errors and warnings + fixed compatibility to some iptables matches (e.g. physdev)

  posted 1545 days ago

• Release of nf-hipac v0.9.1

  Version 0.9.1 fixes all bugs that have been discovered since the release of v0.9.0.

  posted by mbellion 1545 days ago

• File released: /nf-hipac/0.9.1/nf-hipac-0.9.1.tar.bz2

  posted 1545 days ago

• nf-hipac 0.9.0 file released: nf-hipac-0.9.0.tar.bz2

  New Features + ported everything to Linux kernel 2.6 + kernel patch is now fairly non-intrusive: it only adds one simple function to ip_tables.c. The rest of the patch introduces new files to the kernel. + added support for SINGLE PATH lookup + using RCU: no locking during lookup required anymore + improved lookup performance, less overhead + removed support for counters + increased number of possible dimensions from 16 to 32 + added support for hotdrop in extractor functions and hipac_match + added support for iptables 1.2.x and 1.3.x + added iptables match and target revision support + added native support for state UNTRACKED + added native support for ESTABLISHED,RELATED match + allow ranges in protocol dimension + changed semantic of parse_native_protocol: protocol definitions involving 0 now allowed + lots of changes to the nf-hipac user space tool in order to increase compatibility with iptables extensions (iptables matches and targets) o Bugfixes + fixed delete-by-rule for rules which contain a chain target + fixed delete-by-rule for rules which contain an iptables target + fixed delete of user-defined chains + rules containing a state match were not rejected if the kernel fails to load the nf-HiPAC connection tracking helper module + fixed memory leaks in nf-hipac user space tool + fixed bug that triggered kernel warnings during module removal + fixed bug that triggered spinlock context warnings during rule listings + fixed rule listing deadlock + fixed bug that caused the HiPAC core to fail whenever allocs were made that were not of size pow of 2. This bug caused panics on Linux 2.6, but never appeared on 2.4. o Details about changes in the HiPAC algorithm core: + replaced btree implementation with better rlp implementation: - based on static binary search - enables arbitrary number of wildcard dimensions - removed support for BIT_U8 dimensions + directly return defined netfilter targets from hipac_match o Details about changes in the nf-HiPAC kernel module: + required changes for Linux kernel 2.6, e.g.: - module refcounting - extractor functions - iptables matches and targets support: switching to ipt_find_target and ipt_find_match - netlink and socket changes - new kbuild language + added support for non-linear skbs + accept incomplete local ip packets + removed skb_ok function: checks now incorporated into extractor functions + complete reimplemention of netdev helper: - using netdev notifier - not based on veto functionality => patches to dev.c and netdevice.h not required anymore - no locking required during lookup + rewrote parts of netlink based kernel <-> user space communication: - using existing netlink_dump_* functions instead of patching the kernel - removed struct nfhp_err - removed 128KB allocs for skbs in kernel and user space + changed netlink proto number from 7 to 26 + added kernel thread to process the netlink messages and rule updates + replaced nf_change_prio_hook with nf_register_hook and nf_unregister_hook in order to avoid kernel patch + changed default invocation order at netfilter hooks: nf-HiPAC is now called before iptables + merged TCP_SPORT, TCP_DPORT and UDP_SPORT, UDP_DPORT into SPORT and DPORT + changed BIT_U8 to BIT_U16 dimensions in order to get rid of 8 bit support + moved state dimension to first dimension + moved fragment dimension below proto dimension + renamed tcp_flags: now called syn dimension + make sure that only the source and destination ip dimensions are wildcard dimensions. This allows the use of additional non-wildcard 32-bit dimensions. + removed superfluous connection tracking configure option

  posted 1561 days ago

• Release of nf-hipac v0.9.0

  During the development of version 0.9.0 everything was ported to Linux kernel 2.6 and large parts of the kernel code have been rewritten. The kernel patch is now fairly non-intrusive: it only adds one simple function to ip_tables.c. The rest of the patch introduces new files to the kernel. The new release fixes all known bugs and also introduces some new features.

  posted by mbellion 1561 days ago

• File released: /nf-hipac/0.9.0/nf-hipac-0.9.0.tar.bz2

  posted 1561 days ago

• nf-hipac-announce mailing list opened

  This low traffic mailinglist is recommended for every nf-hipac user to stay current with new releases, bugfixes and other interesting news concerning the project.

  posted by mbellion 2380 days ago