On Sunday 2010-07-04 19:22, Simon Lodal wrote: > >I think it is a question of granularity. At what level do we use lists, vs. >blobs? It seems to be a flexibility/performance tradeoff. I have hundreds of >kpps 24/7 and rarely reload rules, so I am strictly in the performance camp >:-) > >Chain granularity that we have now is maybe too big. Xt1 has table-level granularity. And the problem with blobs is that you first need to find a memory area large enough to fit it in - which is why vmalloc is already in use today. >Match/target granularity >that you use is apparently too small. Also, is the ability to edit matches and >targets really useful? Perhaps rule granularity (keep each rule as one blob) >is right. I'll try. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
