Hi Pablo, I remember you once asked for the benchmark scripts I used to compare performance of iptables-nft with -legacy in terms of command overhead and caching, as detailed in a blog[1] I wrote about it. I meanwhile managed to polish the scripts a bit and push them into a public repo, accessible here[2]. I'm not sure whether they are useful for regular runs (or even CI) as a single run takes a few hours and parallel use likely kills result precision. Cheers, Phil [1] https://developers.redhat.com/blog/2020/04/27/optimizing-iptables-nft-large-ruleset-performance-in-user-space/ [2] http://nwl.cc/cgi-bin/git/gitweb.cgi?p=ipt-sbs-bench.git;a=summary
