diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-08-21 12:04:12 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-08-26 18:52:28 +0200 |
commit | fbd8fb09c50bcee3f046dce2281f25baa4e14927 (patch) | |
tree | f70bedf2084f2ea3526e945430f9910922164445 /src/evaluate.c | |
parent | 913979f882d13360cba11fd4402d193d74b0396a (diff) |
src: add chain hashtable cache
This significantly improves ruleset listing time with large rulesets
(~50k rules) with _lots_ of non-base chains.
# time nft list ruleset &> /dev/null
Before this patch:
real 0m11,172s
user 0m6,810s
sys 0m4,220s
After this patch:
real 0m4,747s
user 0m0,802s
sys 0m3,912s
This patch also removes list_bindings from netlink_ctx since there is no
need to keep a temporary list of chains anymore.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/evaluate.c')
-rw-r--r-- | src/evaluate.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index b64ed3c0..320a464f 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -3855,7 +3855,7 @@ static int rule_cache_update(struct eval_ctx *ctx, enum cmd_ops op) if (!table) return table_not_found(ctx); - chain = chain_lookup(table, &rule->handle); + chain = chain_cache_find(table, &rule->handle); if (!chain) return chain_not_found(ctx); @@ -3999,12 +3999,12 @@ static int chain_evaluate(struct eval_ctx *ctx, struct chain *chain) if (chain_lookup(table, &ctx->cmd->handle) == NULL) { chain = chain_alloc(NULL); handle_merge(&chain->handle, &ctx->cmd->handle); - chain_add_hash(chain, table); + chain_cache_add(chain, table); } return 0; } else if (!(chain->flags & CHAIN_F_BINDING)) { if (chain_lookup(table, &chain->handle) == NULL) - chain_add_hash(chain_get(chain), table); + chain_cache_add(chain_get(chain), table); } if (chain->flags & CHAIN_F_BASECHAIN) { |