Re: [PATCH v2 nf] netfilter: x_tables: speed up jump target validation

Florian Westphal wrote: > The dummy ruleset I used to test the original validation change was broken, > most rules were unreachable and were not tested by mark_source_chains(). ... I will send a v3 to also include arptables. I thought arptables was irrelevant since arptable

[PATCH v2 nf] netfilter: x_tables: speed up jump target validation

The dummy ruleset I used to test the original validation change was broken, most rules were unreachable and were not tested by mark_source_chains(). In some cases rulesets that used to load in a few seconds now require several minutes. sample ruleset that shows the behaviour: echo "*filter" for