[Openswan dev] Small optimisation for lots of interfaces
Ken Bantoft
ken at xelerance.com
Wed Nov 23 05:24:18 CET 2005
Thanks, merged into the git #public tree.
On Wed, 23 Nov 2005, David McCullough wrote:
>
> Hi all,
>
> Not sure how acceptable this is, but thought I would throw it out
> there and see.
>
> If you have a box with 100's of interfaces, processing ifconfig
> output to find the configured ipsec interfaces is a little expensive,
> so this patch changes it to use /proc/net/ipsec_tncfg.
>
> Cheers,
> Davidm
>
> Index: openswan/programs/_realsetup/_realsetup.in
> ===================================================================
> RCS file: /cvs/sw/new-wave/openswan/programs/_realsetup/_realsetup.in,v
> retrieving revision 1.1.1.2
> diff -u -r1.1.1.2 _realsetup.in
> --- openswan/programs/_realsetup/_realsetup.in 26 Sep 2005 01:46:24 -0000 1.1.1.2
> +++ openswan/programs/_realsetup/_realsetup.in 23 Nov 2005 03:17:09 -0000
> @@ -138,7 +138,12 @@
>
> if $klips
> then
> - KILLKLIPS='ifl=` ifconfig | sed -n -e "/^ipsec/s/ .*//p" ` ;
> + #
> + # don't use ifconfig here, there may be thousands of
> + # interfaces to parse through, much quicker to go
> + # direct to the source
> + #
> + KILLKLIPS='ifl=`grep -v NULL /proc/net/ipsec_tncfg 2> /dev/null | sed -n -e "/^ipsec/s/ .*//p" ` ;
> test "X$ifl" != "X" &&
> for i in $ifl ;
> do
More information about the Dev
mailing list