diff options
author | Phil Sutter <phil@nwl.cc> | 2018-12-11 18:44:00 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-12 16:44:09 +0100 |
commit | 7170f0929ef50a1a45d9fd5d058ea6178c8e56ef (patch) | |
tree | ff45193338e4cff740a7448649802b8b65a034b2 /src/trace.c | |
parent | 1a829ec0c3285baac712352c3a046a4f76013e70 (diff) |
chain: Hash chain list by name
Introduce a hash table to speedup nftnl_chain_list_lookup_byname(). In
theory this could replace the linked list completely but has been left
in place so that nftnl_chain_list_add_tail() still does what it's
supposed to and iterators return chains in original order.
Speed was tested using a simple script which creates a dump file
containing a number of custom chains and for each of them two rules in
INPUT chain jumping to it. The following table compares run-time of
iptables-legacy-restore with iptables-nft-restore before and after this
patch:
count legacy nft-old nft-new
----------------------------------------------
10000 26s 38s 31s
50000 137s 339s 149s
So while it is still not as quick, it now scales nicely (at least in
this very primitive test).
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/trace.c')
0 files changed, 0 insertions, 0 deletions