path: root/libiptc
diff options
authorLiping Zhang <>2017-02-06 19:47:47 +0800
committerPablo Neira Ayuso <>2017-02-28 12:10:15 +0100
commit72bb3dbf0ecdf3ec96aee80e5d152c8be4394da1 (patch)
tree53cdbadd59c6aa0039e3eea22380171e7c4007a9 /libiptc
parent24f8174646123c2833bc87967b366796231b04e0 (diff)
xshared: using the blocking file lock request when we wait indefinitely
When using "-w" to avoid concurrent instances, we try to do flock() every one second until it success. But one second maybe too long in some situations, and it's hard to select a suitable interval time. So when using "iptables -w" to wait indefinitely, it's better to block until it become success. Now do some performance tests. First, flush all the iptables rules in filter table, and run "iptables -w -S" endlessly: # iptables -F # iptables -X # while : ; do iptables -w -S >&- & done Second, after adding and deleting the iptables rules 100 times, measure the time cost: # time for i in $(seq 100); do iptables -w -A INPUT iptables -w -D INPUT done Before this patch: real 1m15.962s user 0m0.224s sys 0m1.475s Apply this patch: real 0m1.830s user 0m0.168s sys 0m1.130s Signed-off-by: Liping Zhang <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'libiptc')
0 files changed, 0 insertions, 0 deletions