Pablo Neira Ayuso wrote:
Patrick McHardy wrote:
I agree with Eric, its a useful option for avoiding overhead in
userspace, and what counts in the end is the accumulated overhead
of both kernel and userspace. If userspace can avoid dealing with
tuples and complicated bookkeeping it can read messages faster,
thus avoiding recv-queue overflows.
Then, dump the id but not the mark if he wants to identify a conntrack.
That probably won't help since the ID is chosen arbitarily, while the
mark allows you to encode information. I don't see the big problem here,
it only increases the message size if marks are actually used.
I'm also sure you could decrease overhead far more by choosing a proper
allocation size without affecting functionality thats apparently useful
for some people.
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html