Hello everyone,
I am playing with nf_netlink_queue handler and built an empty handler
based on "nfqnl_test.c" from the distribution; it just accepts all packets
without any checks at all.
To test its performance I installed Lighttpd on the same machine, and
used http_load to benchmark the performance.
Without anything queued to user space I achieved ~20000K fetches
per second, but when I enabled user space filtering the performance
dropped to ~2600 fetches per second.
I used this rule to queue all HTTP traffic to the queue handler:
# iptables -A myhttp -p tcp --dport 80 -j QUEUE
Is this drop in performance normal, and is there any way to improve the
performance?
Thanks,
Rayed