Darren (and/or other core coders), could you please comment on the following?

I have been trying to use larger filter rule sets and have run into the limits of my hardware. This prompted me to study the issue in a bit more detail. I'm running NetBSD 2.1_Stable with ifp 4.1.3 (old, I know, but has the rules memory overhead changed since then?). I currently have 256M RAM and could conceivably get to 384MB, but no more with my present machine.

I loaded several groups of 10,000 filter rules and observed memory usage. I observed that 10,000 rules consume on average 7.5 MB of kernel temp memory pool, or ~780 Bytes/rule. In ASCII format, 10,000 rules only consume about 750 kB, or ~77 Bytes/rule. I would expect that the rules themselves are stored in some coded format and so should consume less storage than ASCII, not more.

I have tried looking at the frentry struct definition. If that gets created for every rule, I begin to understand why the overhead is so high.

Key Questions:

1) Does an overhead figure of 750 kB seem about right as a per-rule overhead figure for filter rule storage?

2) Is there anything simple that can be done to reduce this overhead? Or is the implementation dependent on this scheme?

Thanks,
gene
