How can I get these packets in the user space application?
Performance Issues?
Maarten Wijnants
maarten.wijnants at pandora.be
Thu Dec 9 17:30:38 CET 2004
Hello Steven,
>I have a side question on this. I have a kernel module that creates a
> netfilter hook that looks for packets with a certain source port, and then
> directs them to NF_QUEUE, and I have a user space application that
> receives the queued packets.
> Since I am only queuing packets I want to monitor/modify is my performance
> hit significant? Or am I better off doing everything within the kernel
> module?
>
As I see it, there will only be a slight performance loss for the packets
you are queueing to userspace, all other packets are not sent to userspace
and as a result do not incur extra delay. In my opinion, the question
whether you should monitor/modify the packets in userspace or kernelspace
depends on the complexity of the operations you would like to perform on the
packets. If rather complicated operations are needed, it is my opinion you
are better off in userspace (programming in userspace is easier than
programming in kernelspace). On the other hand, if processing speed is
really essential, you should choose for kernelspace processing.
Kind regards,
Maarten
More information about the netfilter-devel
mailing list