Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance

From: Henrik Nordstrom
Date: Wed Sep 28 2005 - 05:35:05 EST

Next message: Clemens Koller: "2.6.13.2 crash on shutdown on SMP machine"
Previous message: KUROSAWA Takahiro: "Re: [PATCH 1/3] CPUMETER: add cpumeter framework to the CPUSETS"
In reply to: Andi Kleen: "Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 28 Sep 2005, Harald Welte wrote:

Just imagine all those poor sysadmins who know nothing about current
kernel development, and who upgrade their kernel because their
distributor provides a new one - suddenly their accounting (which might
be relevant for their business) doesn't work anymore :(

You seriously expect anyone is using the counters on the policy rule in otherwise completely empty rulesets? These counters is also available elsewhere (route and interface statistics) and more intuitively so.

yes, even though we could make the ip_nat / iptable_nat split (that is
introduced in 2.6.14) in a way that would make ip_nat.ko register those
hooks that are implicitly needed, and iptable_nat only the user-visible
chain-related hooks.

Which adds additional overhead, so this approach is a bit counter-productive I would say.

Regards
Henrik
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Clemens Koller: "2.6.13.2 crash on shutdown on SMP machine"
Previous message: KUROSAWA Takahiro: "Re: [PATCH 1/3] CPUMETER: add cpumeter framework to the CPUSETS"
In reply to: Andi Kleen: "Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]