You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Splitting the logic into two separate functions just seems to make the code more complicated, looking at iptables where we mostly use different table that may have made more sense but if we consider the nftables driver this seems like the wrong choice.
For nftables we only need to dump the rules once yet because the code is split into two functions calls we end up dumping the ruleset twice which makes things slower than it needs to be.
Splitting the logic into two separate functions just seems to make the code more complicated, looking at iptables where we mostly use different table that may have made more sense but if we consider the nftables driver this seems like the wrong choice.
For nftables we only need to dump the rules once yet because the code is split into two functions calls we end up dumping the ruleset twice which makes things slower than it needs to be.
netavark/src/firewall/nft.rs
Line 94 in ad066d4
netavark/src/firewall/nft.rs
Line 548 in ad066d4
The same goes for the teardown functions.
The text was updated successfully, but these errors were encountered: