Jan Engelhardt wrote:
On Friday 2008-04-11 15:01, Thomas Mader wrote:
I thought about explanations for this but I don't come to reasonable
explanations for this behaviour. Shouldn't the kernelspace module be faster?
Why is it slower?
You are using a raw socket in userspace, which effectively
bypasses Netfilter.
To make a meaningful test of it, the PF_RAW code would need
an NF_HOOK into iptables to make a more accurate comparison I think.
Packets sockets bypass netfilter, raw sockets don't.
I have no explanation for the values you're seeing
though.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
