Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit cda022e6 authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Further speed up creating child chains. 

Currently createChildChain creates and adds child chains by using
-F -X -N and -A iptables commands. This guarantees that the child
chains are emtpy.  are guaranteed to be empty. Therefore, it is
safe to create all the child chains with a single
iptables-restore command that flushes all the child chains and
appends them to the parent chain.

This makes it possible to create chains quickly even if the
parent chain is touched by vendor code and thus cannot be safely
flushed.

This substantially speeds up netd startup. Before:
02-03 12:52:47.786   492   492 I Netd    : Creating child chains: 1543.5ms
02-03 12:52:48.103   492   492 I Netd    : Netd started in 1929ms

After:
02-03 12:51:46.831   511   511 I Netd    : Creating child chains: 672.5ms
02-03 12:51:47.244   511   511 I Netd    : Netd started in 1115ms

Test: builds, boots
Test: before/after comparison shows no expected rule changes
Bug: 34873832
Change-Id: I88f4e539d727e3b542cf6f8acd61728cadda972f
parent ce6748a3
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment