Pablo Neira Ayuso wrote:
I think that it's taking the time in forking and executing, but you
can do some profiling so we can stop speculating.
How do it? It's a "simple" script that repeater N times that same thing,
more or less (where N are ~1500)
And after, also if it's not a iptables-related question, why that so
time for do the fork and execute when It's, at least, two time faster
than the test one?
P.s. Yes, I know that the same rules with iptables-restore on my
test server takes about 0.5 sec :)
So, why don't you use that interface? :)
Why leave the right way for follow the new one that you don't know where
it'll bing you? :). Ok I'll take a look for update my script system!
Thanks,
Michele
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
