On Mon, Oct 08, 2007 at 05:02:23PM -0700, Tom Eastep wrote:
> Andrew Suffield wrote:
>
> > Try the attached patch which switches it over
> > to using perl's builtin interface to NSS, see if that helps.
>
> Still not cheap:
>
> gateway:~ # time /usr/share/shorewall-perl/buildports.pl > /dev/null
>
> real 0m0.207s
> user 0m0.200s
> sys 0m0.000s
> gateway:~ #
How much of that is the overhead of compiling Shorewall::Config and
generating the output? On my system, around 90% of it turns out to be
overhead. Realistic test script follows, this should be the real
penalty for running on startup:
our %protocols;
our %services;
while ( my ($proto1, $aliases, $number) = getprotoent() ) {
my @aliases = split(' ', $aliases);
foreach my $name ($proto1, @aliases) {
$protocols{$name} = $number;
}
}
while ( my ($name1, $aliases, $number, $proto) = getservent() ) {
my @names = split(' ', $aliases);
next unless $proto && ($proto eq 'tcp' || $proto eq 'udp');
foreach my $name ($name1, @aliases) {
$services{$name} = $number;
}
}
Note also that if you only need lookup functions, and not a full
listing of all the ports, then using the builtins getservbyname() and
getprotobyname() directly will be even faster, since it won't have to
drag the entire thing into perl's working space.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
