On Thursday 2011-06-09 16:07, Tihomir Katic wrote: > >Also, I have been doing some tests, and in config.txt you will see: >## Optimal size of multiport - port array >port_array_size_optimal = 10 > >It means, it will merge 2 rules for example --dport 1:5 and --dport >21:25 into -m multiport --dports 1,2,3,4,5,21,22,23,24,25 This should be -m multiport --dports 1:5,21:25 >But, based on my recent tests, it should be >port_array_size_optimal = 15 Yes, multiport can hold 15 "things". >rule with --dport 1:5 takes e.g. ~0.2 us >and rule with 15 elements in multiport array lasts ~0.4us, so it is >pretty much the same That is purely noise. You need a lot more rules (10000 and up) to measure an effect. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
