Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 13debb89 authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Use iptables-restore in BandwidthController startup. 

This saves approximately 800ms on boot.

From the perspective of the rules, this change is a no-op. As the
unit test shows, the commands are the same, though some are in a
slightly different order because iptables-restore requires that
COMMIT be called between different tables (e.g., filter and
mangle).

For simplicity, enableBandwidthControl runs two iptables-restore
commands instead of one. This is not semantically different from
the previous code because the previous code just ran iptables
commands one by one, which provides no atomicity. Running two
commands is a bit slower than running one, but it's still much
faster than using iptables.

Using iptables-restore allows us to do things like ":<chain> -",
which both creates the chain (if it does not already exist) and
flushes it. This allows us to remove IPT_CLEANUP_COMMANDS and
IPT_SETUP_COMMANDS. Those two sets of commands, which basically
just did "-X bw_<foo>" and "-N bw_<foo>" were only necessary
because the preceding "-F bw_<foo>" command would not create
bw_<foo> if it did not already exist (e.g. in setupIptablesHooks,
which runs on netd startup).

Bug: 21725996
Change-Id: I6656aed4287dfcb2311c94800f430c143fb0b1a5
parent a0dc8a54
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment