diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-11-04 12:53:11 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-11-08 10:59:02 +0100 |
commit | b4b234f5a29e819045679acd95820a7457d4d7de (patch) | |
tree | ccd5f16cc03b65d07922ada2fc2bf105aabeed2e /src/cli.c | |
parent | a6cc0106ac8c986030ae4d625782c6f48cea7d64 (diff) |
mnl: do not build nftnl_set element list
Do not call alloc_setelem_cache() to build the set element list in
nftnl_set. Instead, translate one single set element expression to
nftnl_set_elem object at a time and use this object to build the netlink
header.
Using a huge test set containing 1.1 million element blocklist, this
patch is reducing userspace memory consumption by 40%.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/cli.c')
0 files changed, 0 insertions, 0 deletions