On Tuesday 2012-01-24 15:28, Alex Bligh wrote:
> I have a legacy application which forwards lots of packets (router,
> essentially) and uses a lot of sometimes badly written autogenerated
> iptables rules (about 3,000 of them).
>
> I am seeing on a good day high route cache efficiency. Do packets
> which do not follow the slow path (i.e. cache hits) also cache
> what iptables rules they hit? Nothing fancy in use bar conn_track.

Whether the route lookup was satisfied by cache or not plays no role
for Xtables execution.