git.ipfire.org Git - thirdparty/nftables.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 21 Aug 2020 10:04:12 +0000 (12:04 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 26 Aug 2020 16:52:28 +0000 (18:52 +0200)
commit	fbd8fb09c50bcee3f046dce2281f25baa4e14927
tree	f70bedf2084f2ea3526e945430f9910922164445	tree \| snapshot
parent	913979f882d13360cba11fd4402d193d74b0396a	commit \| diff

src: add chain hashtable cache

This significantly improves ruleset listing time with large rulesets
(~50k rules) with _lots_ of non-base chains.

# time nft list ruleset &> /dev/null

Before this patch:

real    0m11,172s
user    0m6,810s
sys     0m4,220s

After this patch:

real    0m4,747s
user    0m0,802s
sys     0m3,912s

This patch also removes list_bindings from netlink_ctx since there is no
need to keep a temporary list of chains anymore.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/cache.h		diff \| blob \| blame \| history
include/netlink.h		diff \| blob \| blame \| history
include/rule.h		diff \| blob \| blame \| history
src/cache.c		diff \| blob \| blame \| history
src/evaluate.c		diff \| blob \| blame \| history
src/netlink.c		diff \| blob \| blame \| history
src/rule.c		diff \| blob \| blame \| history