> > I'm wondering - how does it affect tools that load several thousands of IPs > into a table? Like spamd, bgpd (for spam lists etc.), or pfctl for IP black > lists (as distributed by ET). > > There are valid use cases with HUGE tables, but I have to admit that I didn't > test your diff yet. Just a concern that loading IPs one after another might > take forever. >
I could measure no difference on sample of 10000 unique IPv4 addresses. Both (pfr_add_addrs/pfr_add_addr) could load them within 1sec. pfr_add_addrs: # wc -l test.table.pf ; date ; pfctl -t test -T add -f test.table.pf ; date 100000 test.table.pf Mon Nov 9 18:21:18 CET 2015 1 table created. 100000/100000 addresses added. Mon Nov 9 18:21:19 CET 2015 pfr_add_addr: Mon Nov 9 18:31:27 CET 2015 # wc -l test.table.pf ; date ; pfctl -t test -T add -f test.table.pf ; date 100000 test.table.pf Mon Nov 9 18:31:27 CET 2015 1 table created. 100000/100000 addresses added. Mon Nov 9 18:31:28 CET 2015 My test machine is Toshiba Tecra with Centrino 2. regards sasha