Viktor Dukhovni:
> On Fri, May 20, 2016 at 03:24:26PM -0400, Wietse Venema wrote:
>
> > I can do a little better than thats, and also give a number for the
> > per-query overhead. With this i5-650 CPU @3.2GHZ, it takes 0.92
> > seconds to parse 1 million IPv4 patterns, and less than about 0.01
> > second to search through those 1 million IPv4 patterns.
> >
> > The matching process could be sped up a lot by adding support for
> > IF/ENDIF as with regexp: and pcre: tables, but it is hard to justify
> > that effort with current use cases.
>
> Performance reasons aside, 'if ... endif' support can make the map
> files more readable (matter of taste perhaps), and may be worthwhile
> for that reason:
>
> Before (exceptions before rule):
>
> 192.0.2.1 DUNNO
> 192.0.2.5 DUNNO
> ...
> 192.0.2.0/24 REJECT
>
> After (rule first with nested exceptions):
>
> if 192.0.2.0/24
> 192.0.2.1 DUNNO
> 192.0.2.5 DUNNO
> ...
> 0.0.0.0/0 REJECT
> endif
Before I do that, I first had to clean up the if-endif support in
pcre and regexp tables. I was never satisfied with the code for
skipping over an unmatched if-endif block. The updated if-endif
implementation is ready for cloning into other tables.
Wietse
