Hello list,
Here's a patch to speed up iptcc_find_chain_by_offset
(O(n)->O(log(n)) by creating a lookup table while
initially translating the kernel blob.
In my test case a second iptables-restore with a file containing
~50k chains with 120k~ rules takes 11s instead of 1m30s (on a VM).
iptables -vnL SOMECHAIN takes 0.5s instead of 1m12s.
Comments and suggestions would be very welcome, as would
be inclusion into the mainline distribution ;-)
Regards,
Thomas
Attachment:
0001-Speed-up-verdict-to-chain_head-mapping-by-using-bina.patch
Description: application/mbox
Attachment:
signature.asc
Description: This is a digitally signed message part
