src: add chain hashtable cache

This significantly improves ruleset listing time with large rulesets (~50k rules) with _lots_ of non-base chains. # time nft list ruleset &> /dev/null Before this patch: real 0m11,172s user 0m6,810s sys 0m4,220s After this patch: real 0m4,747s user 0m0,802s sys 0m3,912s This patch also removes list_bindings from netlink_ctx since there is no need to keep a temporary list of chains anymore. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2020-08-21 12:04:12 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2020-08-26 18:52:28 +0200
commit: fbd8fb09c50bcee3f046dce2281f25baa4e14927 (patch)
tree: f70bedf2084f2ea3526e945430f9910922164445 /include/cache.h
parent: 913979f882d13360cba11fd4402d193d74b0396a (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/include/cache.h b/include/cache.h
index b9db1a8f..baa2bb29 100644
--- a/include/cache.h
+++ b/include/cache.h
@@ -45,4 +45,18 @@ static inline uint32_t djb_hash(const char *key)
 	return hash;
 }
 
+#define NFT_CACHE_HSIZE 8192
+
+struct netlink_ctx;
+struct table;
+struct chain;
+struct handle;
+
+struct nftnl_chain_list *chain_cache_dump(struct netlink_ctx *ctx, int *err);
+int chain_cache_init(struct netlink_ctx *ctx, struct table *table,
+		     struct nftnl_chain_list *chain_cache);
+void chain_cache_add(struct chain *chain, struct table *table);
+struct chain *chain_cache_find(const struct table *table,
+			       const struct handle *handle);
+
 #endif /* _NFT_CACHE_H_ */
author	Pablo Neira Ayuso <pablo@netfilter.org>	2020-08-21 12:04:12 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2020-08-26 18:52:28 +0200
commit	fbd8fb09c50bcee3f046dce2281f25baa4e14927 (patch)
tree	f70bedf2084f2ea3526e945430f9910922164445 /include/cache.h
parent	913979f882d13360cba11fd4402d193d74b0396a (diff)