On Saturday 2010-02-06 02:31, Jan Engelhardt wrote: >>Sure .. but I don't think it will matter much in comparision to large >>rulesets. I usually use get_cycles() in nf_hook_slow() to calculate >>the cycles spent in the netfilter hook functions. In this case just >>measuring the difference before and after with all affected tables >>loaded, but without any rules, seems fine to me. > >Seems to be promising, > >> summary(base) > Min. 1st Qu. Median Mean 3rd Qu. Max. > 15520 15520 15520 15520 15520 15520 >> summary(old) > Min. 1st Qu. Median Mean 3rd Qu. Max. > 11890 17900 21370 20440 22680 53210 >> summary(new) > Min. 1st Qu. Median Mean 3rd Qu. Max. > 11430 14770 17660 18300 20830 34510 > >What surprises me a bit is that there is no fluctuation whatsoever >in the base case. I reworked my timer code a little (like adding a spinlock and counting every packet, not just 1000 random ones), leading to NF_MAX_HOOKS (8) hooks. cycles/packet ×8, packets total ×8 base:8174,501,0,8671,449,0,0,0,44551,44551,0,19927,19927,0,0,0 old:10435,2548,0,12437,1429,0,0,0,44575,44575,0,17623,17623,0,0,0 new:10078,2432,0,12468,1423,0,0,0,44581,44581,0,17510,17510,0,0,0 So the two (old/new) are so close together that I declare it within the margin of measuring error (which, physicists will notice, we don't even know). The ~44k packets are generated by doing wget linux-2.6.31.1.tar.bz2. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
