[Bug 1426] New: Inefficient command lookup on errors
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sat May 2 14:04:23 CEST 2020
https://bugzilla.netfilter.org/show_bug.cgi?id=1426
Bug ID: 1426
Summary: Inefficient command lookup on errors
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: makovick at gmail.com
Created attachment 592
--> https://bugzilla.netfilter.org/attachment.cgi?id=592&action=edit
nft_netlink error path speedup patch
When nft_netlink() encounters an error, it looks up the offending command in
the command list, always starting from the list head. With long machine
generated nftables containing errors, this can take a very long time, making an
impression that nft locked up.
Because the command seqnums in the command list are monotonic, and so are
usually the error seqnums, this performance issue can be easily mitigated by
resetting the search position to the command list head only if the error seqnum
decreases.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200502/cd0aef60/attachment.html>
More information about the netfilter-buglog
mailing list