Hi, Could you send your code I'd like to run it on my platform. I want to see I I came to the same result and I will try next to optimize libnetfilter_queue. In fact, I've done some bench on NuFW and found a similar result. Here's the article (in french) with some graphs : http://nufw.org/Tests-de-performance-intensifs-sur.html BR, Le vendredi 15 juin 2007 à 01:04 +0300, Rayed Alrashed a écrit : > Hello everyone, > > I am playing with nf_netlink_queue handler and built an empty handler > based on "nfqnl_test.c" from the distribution, it just accept all packet > without any checks at all. > > To test its performance I installed Lighttpd on the same machine, and > used http_load to benchmark the performance. > > Without any thing queued to the user space I achieved ~20000K fetches > per second, but when I enabled user space filtering the performance > dropped to ~2600 fetches per second. > > I used this rule to queue all HTTP traffic to the queue handler: > # iptables -A myhttp -p tcp --dport 80 -j QUEUE > > Is this drop in performance normal, and is there any way to improve the > performance. > > Thanks, > Rayed
