by RAFCI » Thu, 07 Oct 1999 04:00:00
by QuestionExchang » Fri, 15 Oct 1999 04:00:00
--Quote:> Can anybody tell me something about Linux Socket Filter which
is kernel
> level socket filtering. The example of such a filter and its
usage will be
> very welcome !
1. Linux Socket Filter sudden CPU use increase
I have been testing Linux Socket Filters (LSF) these weeks (kernels
2.2.12,
2.2.14, 2.2.18, 2.4.1) with libpcap (0.4 - 0.6.2) and I have observed
something curious. I make a program that increase number of simultaneous
LSF filters (5, 10, 15..) and when this number is between 15 and 50,
suddenly
CPU consumed by kernel increases suddenly. Any idea?
(you can see a figure of CPU vs. number of LSF filter in
http://www.tlm.unavarra.es/~eduardo/varios/lsf.gif)
I do not see anything stranger. Only, using Linux Trace Toolkit with
some
modifications when there are few filters, I observe that of timer Bottom
Half
follows IRQ 0. And when there are more filters, IRQ 0 takes place when
the
network Bottom Half is taking place, so the timer Bottom Half is delayed
to
the end of the network Bottom Half. Can it be related?
To measure kernel CPU I have used the trick of running another CPU with
low
priority. According to the time this second process is delayed an
aproximate
%CPU is obtained.
I do not understand what is happening. Any help would be very useful.
Eduardo
--
Eduardo Maga?a Lizarrondo
http://www.tlm.unavarra.es/~eduardo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
2. Bug in vfat?
4. repost) How to detect status of a passwd
6. pkgadd
8. Tomcat exception on startup
11. Linux Socket Filtering (LSF)
12. detailed description of linux socket filter and sniffing problem
13. regarding linux socket filter and sniffing