blob: afda26662a9144a04ef6d8c57b7045851b2539f8 [file] [log] [blame]
#!/bin/bash
#
# The ebtablesu/ebtablesd programs are deprecated,
# they're mostly useful for debugging ebtables in daemon
# mode. For fast population of tables, use ebtables-restore.
# You should probably just ignore this script.
#
# This script can be used to compare the speed of
# the different methods for adding rules in ebtables
# chains.
#
# Apart from the standard method of adding rules with
# the ebtables tool, rules can be added (faster) with
# ebtablesd running in the background and accepting
# commands through a pipe. The pipe can be written to
# with the standard shell tools. The only restriction is
# that spaces are only used to separate options and
# commands, i.e. spaces are not allowed in strings, even
# if they are between "". E.g.
# ebtablesu -A --log-prefix "a space"
# is not allowed, however
# ebtablesu -A --log-prefix "a_space"
# is allowed.
#
# Author: Bart De Schuymer
#
export PIPE=/tmp/ebtables-v2.0.7/ebtablesd_pipe
export EBTABLES=/usr/local/sbin/ebtables
export EBTABLESD=/usr/local/sbin/ebtablesd
export EBTABLESU=/usr/local/sbin/ebtablesu
if [[ $# = 0 ]]
then
rm -f iets niets iets.out niets.out
MAXLIMIT=10000
for ((LIMIT=10; LIMIT <= MAXLIMIT; LIMIT *= 10)) do
killall ebtablesd 2>/dev/null
$EBTABLES --init-table
export LIMIT
time $0 1
echo "added" $LIMIT "rules with echo"
$EBTABLES --atomic-file iets --atomic-save
$EBTABLES -F
time $0 2
echo "added" $LIMIT "rules with ebtables"
$EBTABLES --atomic-file niets --atomic-save
$EBTABLES --atomic-file iets -L > iets.out
$EBTABLES --atomic-file niets -L > niets.out
diff -purN iets.out niets.out
rm -f niets niets.out
killall ebtablesd 2>/dev/null
$EBTABLES -F
time $0 3
echo "added" $LIMIT "rules with ebtablesu"
$EBTABLES --atomic-file niets --atomic-save
$EBTABLES --atomic-file iets -L > iets.out
$EBTABLES --atomic-file niets -L > niets.out
diff -purN iets.out niets.out
rm -f niets niets.out
time $0 4
echo "added" $LIMIT "rules with atomic-file"
$EBTABLES --atomic-file niets --atomic-save
$EBTABLES --atomic-file niets -L > niets.out
diff -purN iets.out niets.out
rm -f niets niets.out
time $0 5
echo "added" $LIMIT "rules with one atomic-commit"
$EBTABLES --atomic-file niets --atomic-save
$EBTABLES --atomic-file niets -L > niets.out
diff -purN iets.out niets.out
rm -f iets iets.out niets niets.out
done
elif [[ $1 = "1" ]]
then
$EBTABLESD &
pid=`jobs -p '$EBTABLESD'`
sleep 1
$EBTABLESU open filter
# Add rules with ebtablesd
echo "$EBTABLESU -F" >>$PIPE
for ((a=1; a <= LIMIT; a++)) do
echo "$EBTABLESU -A FORWARD" >>$PIPE
done
$EBTABLESU commit filter
$EBTABLESU quit
wait $pid
elif [[ $1 = "2" ]]
then
# Add rules with ebtables
for ((a=1; a <= LIMIT; a++))
do
$EBTABLES -A FORWARD
done
elif [[ $1 = "3" ]]
then
$EBTABLESD &
pid=`jobs -p '$EBTABLESD'`
sleep 1
$EBTABLESU open filter
# Add rules with ebtablesu
for ((a=1; a <= LIMIT; a++))
do
$EBTABLESU -A FORWARD
done
$EBTABLESU commit filter
$EBTABLESU quit
wait $pid
elif [[ $1 = "4" ]]
then
# Add rules with ebtables --atomic-file
$EBTABLES --atomic-file niets --atomic-init
for ((a=1; a <= LIMIT; a++))
do
$EBTABLES --atomic-file niets -A FORWARD
done
$EBTABLES --atomic-file niets --atomic-commit
else
# Add rules taken from a binary file containing a saved table
$EBTABLES --atomic-file iets --atomic-commit
fi
# From the results below, we can conclude the following about
# table constructions when speed is an issue.
# For first-time fast construction of tables, it's best to use the
# echo + ebtablesd method. If the echo method is unwanted, it
# is best to use the ebtablesu + ebtablesd method.
# The echo method is much faster because echo is a bash
# built-in command.
# Perhaps intialize the kernel tables to empty chains with
# policy DROP before constructing the table in userspace.
# For construction of tables that were constructed earlier, it
# is best to save those constructed tables to a binary file
# and then use --atomic-commit to get the table in the kernel
# (this is lightning fast compared with the other methods).
#
# System specs:
# processor : 0
# vendor_id : AuthenticAMD
# cpu family : 6
# model : 4
# model name : AMD Athlon(tm) processor
# stepping : 4
# cpu MHz : 1000.592
# cache size : 256 KB
# MemTotal : 515780 kB
#
####10 rules####
#
# real 0m0.078s
# user 0m0.030s
# sys 0m0.045s
# added 10 rules with echo
#
# real 0m0.098s
# user 0m0.031s
# sys 0m0.063s
# added 10 rules with ebtables
#
# real 0m0.275s
# user 0m0.083s
# sys 0m0.188s
# added 10 rules with ebtablesu
#
# real 0m0.279s
# user 0m0.082s
# sys 0m0.192s
# added 10 rules with atomic-file
#
# real 0m0.017s
# user 0m0.009s
# sys 0m0.008s
# added 10 rules with one atomic-commit
#
# real 0m0.095s
# user 0m0.050s
# sys 0m0.043s
# added 100 rules with echo
#
# real 0m0.936s
# user 0m0.315s
# sys 0m0.587s
# added 100 rules with ebtables
#
# real 0m1.967s
# user 0m0.449s
# sys 0m1.479s
# added 100 rules with ebtablesu
#
# real 0m2.472s
# user 0m0.745s
# sys 0m1.660s
# added 100 rules with atomic-file
#
# real 0m0.018s
# user 0m0.006s
# sys 0m0.012s
# added 100 rules with one atomic-commit
#
# real 0m0.740s
# user 0m0.461s
# sys 0m0.265s
# added 1000 rules with echo
#
# real 0m12.471s
# user 0m4.423s
# sys 0m7.828s
# added 1000 rules with ebtables
#
# real 0m17.715s
# user 0m6.814s
# sys 0m10.604s
# added 1000 rules with ebtablesu
#
# real 0m28.176s
# user 0m8.875s
# sys 0m18.704s
# added 1000 rules with atomic-file
#
# real 0m0.025s
# user 0m0.015s
# sys 0m0.010s
# added 1000 rules with one atomic-commit
#
# real 1m11.474s
# user 1m9.662s
# sys 0m1.035s
# added 10000 rules with echo
#
# real 10m9.418s
# user 4m19.163s
# sys 5m37.548s
# added 10000 rules with ebtables
#
# real 2m32.119s
# user 1m38.085s
# sys 0m52.298s
# added 10000 rules with ebtablesu
#
# real 13m23.396s
# user 5m29.770s
# sys 6m44.598s
# added 10000 rules with atomic-file
#
# real 0m0.319s
# user 0m0.037s
# sys 0m0.057s
# added 10000 rules with one atomic-commit