[..
> I have fixed some of the ruleset parsing issues in libiptc. (50k chains
> ruleset listing reduced from 5 minuts to 0.5 sec).
>
[..]
> There are still some libiptc scalability issues left... That I promised
> Patrick I would solve... Lets hope I'll fix them before the workshop ;-)
That's great news, hopefully those changes will end up in the mainline
releases pretty soon ;-)
> If doing a lot of rule changes, you should definitly use iptables-restore
> or CPAN perl module IPTables::libiptc.
Incidentally, what happens during the time changes are being processed
by iptables-restore/the kernel. More specifically, do I need to
worry about packets being blocked/dropped when I would do a lot of
rule updates?
Regards,
Thomas
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
