Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 81ff64ec authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Move createChildChains to iptables-restore. 

This reduces netd startup time by about 2x.

Before:
02-02 14:01:20.075   485   485 I Netd    : Creating child chains: 2983.5ms
02-02 14:01:20.398   485   485 I Netd    : Netd started in 3325ms

After:
02-02 15:23:51.872   480   480 I Netd    : Creating child chains: 1572.3ms
02-02 15:23:52.200   480   480 I Netd    : Netd started in 1943ms

We cannot switch all chains to iptables-restore because vendor
code manipulates those chains directly. If we did, we would save
an additional ~1 second.

Add an oem_mangle_post chain linked from mangle POSTROUTING so
that said vendor code can modify that instead of POSTROUTING
directly. (There is already an oem_out chain, so no changes are
needed for vendor code to move off of OUTPUT.)

Bug: 34873832
Test: builds, boots, unit and integration tests pass
Test: iptables-save output before and after CL sees no unexpected rule changes
Change-Id: I64cc32e7e14d9966bf6bc9bcc604af8c5d19eae8
parent 19ee8a8d
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment