On Tue, Feb 11, 2014 at 12:46:48PM +0200, Tomasz Bursztyka wrote: > This will prevent too much overhead when initializing the table when > loading the configuration on builtin tables. > > Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@xxxxxxxxxxxxxxx> > --- > iptables/nft.c | 41 +++++++++++++++++++++++++++++++++-------- > iptables/nft.h | 4 +++- > iptables/xtables-arp.c | 2 +- > iptables/xtables-config.c | 2 +- > iptables/xtables-restore.c | 16 ++++++++-------- > iptables/xtables-save.c | 16 ++++++++-------- > iptables/xtables-standalone.c | 2 +- > iptables/xtables.c | 1 + > 8 files changed, 56 insertions(+), 28 deletions(-) > > diff --git a/iptables/nft.c b/iptables/nft.c > index 0283d92..4166046 100644 > --- a/iptables/nft.c > +++ b/iptables/nft.c > @@ -436,6 +436,9 @@ nft_table_builtin_add(struct nft_handle *h, struct builtin_table *_t, > struct nft_table *t; > int ret; > > + if (h->table && h->initialized) > + return 0; Does it work the autochain load if you reload with rules in different tables? eg. filter and raw. This h->initialized field is global, I think we need one per table. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
