Hi Florian (+ list), (resend without HTML part...) would it be feasible to have sysctl knobs to disable the counters? Easiest approach might be to keep all the counter memory allocation as it is (or as it is changed with your current work), and just not count at packet processing time. Which should make things a bit faster (no cache pollution for the RMW counter access of any matching rules.) More complicated approach might even save the whole counter memory consumption, faking 0 values when returning counters to userlevel, and ignoring userlevel supplied values (iptables-restore) best regards Patrick -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
