I was considering the possibility of making an small contribution to conntrack-tool to allow the batching of commands in a single conntrack-tool call. Specifically I'm interested in batching delete commands. In some of the neutron reference implementations we make use of conntrack-tool to target and kill any active connection when security group rules are removed. That sometimes expands in thousands of calls due to combinations (worst scenario is n_port^2 calls for a very common type of rule we have). So I was considering two options: 1) Adding a mode to accept conntrack-tool actions via stdin 2) Accepting the cmdline notation of separating multiple command lines with "--" in a single call to conntrack tool. Any thoughts or recommendations in this regard? [1] http://git.openstack.org/cgit/openstack/neutron/tree/neutron/agent/linux/ip_conntrack.py#n32 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
