]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 49ac868) | patch
cache: Filter tables on kernel side
authorPhil Sutter <phil@nwl.cc>
Mon, 29 Nov 2021 14:28:33 +0000 (15:28 +0100)
committerPhil Sutter <phil@nwl.cc>
Fri, 3 Dec 2021 11:50:18 +0000 (12:50 +0100)
commita37212f2fd90739e17f3dbb96ea6284d7755bf5f
treec508b297db88ff2e2ff0e76f408173c0b33041d6tree
parent49ac868a0d5b99bad5dbf5603ebf02237a37459dcommit | diff
cache: Filter tables on kernel side

Instead of requesting a dump of all tables and filtering the data in
user space, construct a non-dump request if filter contains a table so
kernel returns only that single table.

This should improve nft performance in rulesets with many tables
present.

Signed-off-by: Phil Sutter <phil@nwl.cc>
include/mnl.h diff | blob | blame | history
include/netlink.h diff | blob | blame | history
src/cache.c diff | blob | blame | history
src/mnl.c diff | blob | blame | history
src/netlink.c diff | blob | blame | history
Mirror of git://git.netfilter.org/nftables