diff options
-rw-r--r-- | src/libnetfilter_queue.c | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 0b5ede2..b2ca219 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -5,7 +5,7 @@ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation + * as published by the Free Software Foundation (or any later at your option) * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -64,7 +64,28 @@ * * To write your own program using libnetfilter_queue, you should start by reading * the doxygen documentation (start by \link LibrarySetup \endlink page) and nfqnl_test.c source file. - * + * + * \section errors ENOBUFS errors in recv() + * + * recv() may return -1 and errno is set to ENOBUFS in case that your + * application is not fast enough to retrieve the packets from the kernel. + * In that case, you can increase the socket buffer size by means of + * nfnl_rcvbufsiz(). Although this delays the appearance of ENOBUFS errors, + * you may hit it again sooner or later. The next section provides some hints + * on how to obtain the best performance for your application. + * + * \section perf Performance + * To improve your libnetfilter_queue application in terms of performance, + * you may consider the following tweaks: + * + * - increase the default socket buffer size by means of nfnl_rcvbufsiz(). + * - set nice value of your process to -20 (maximum priority). + * - set the CPU affinity of your process to a spare core that is not used + * to handle NIC interruptions. + * - set NETLINK_NO_ENOBUFS socket option to avoid receiving ENOBUFS errors + * (requires Linux kernel >= 2.6.30). + * - see --queue-balance option in NFQUEUE target for multi-threaded apps + * (it requires Linux kernel >= 2.6.31). */ struct nfq_handle |