diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-03-19 23:30:54 +0200 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-03-21 10:51:16 +0200 |
| commit | c5ca01cc269c6a615ba19a7f61be53769c606691 (patch) | |
| tree | c1347a09c855e02ffe7ecc87f1627b9a3ba2f487 /main/ipset/ipset.initd | |
| parent | c6b849ea0ea4952815b911e89a943ac2e5db7b1c (diff) | |
| download | aports-c5ca01cc269c6a615ba19a7f61be53769c606691.tar.bz2 aports-c5ca01cc269c6a615ba19a7f61be53769c606691.tar.xz | |
main/ipset: optimize init script performance
Diffstat (limited to 'main/ipset/ipset.initd')
| -rw-r--r-- | main/ipset/ipset.initd | 60 |
1 files changed, 32 insertions, 28 deletions
diff --git a/main/ipset/ipset.initd b/main/ipset/ipset.initd index 84b17c2aba..ee1668939b 100644 --- a/main/ipset/ipset.initd +++ b/main/ipset/ipset.initd @@ -1,6 +1,6 @@ #!/sbin/openrc-run # Init script for ipset -# Copyright (C) 2012 Kaarle Ritvanen +# Copyright (C) 2012-2017 Kaarle Ritvanen # Licensed under the terms of the GPL2 description="Manage IP sets in the Linux kernel" @@ -26,11 +26,15 @@ set_file() { } set_exists() { - $IPSET save $1 &> /dev/null + $IPSET -n list $1 &> /dev/null +} + +set_lists() { + $IPSET save | sed "s/^create \\([^ ]\\+\\) list:set.*/\\1/;ta;d;:a" } sets() { - $IPSET save | sed "s/^create \\([^ ]\\+\\) ${1:+$1 }.*/\\1/;ta;d;:a" + $IPSET -n list } @@ -45,7 +49,7 @@ start() { stop() { ebegin "Flushing firewall IP sets" - for name in $(sets list:set); do + for name in $(set_lists); do ipset destroy $name done @@ -81,35 +85,35 @@ save() { reload() { ebegin "Loading firewall IP sets" - local swap= - for name in $(set_files); do - local new=$name - if set_exists $name; then - new=_init_$name - swap="$swap $name" - fi - ipset create $new $(set_file $name | head -n 1) - done + ( + local swap= + for name in $(set_files); do + local new=$name + if set_exists $name; then + new=_init_$name + swap="$swap $name" + fi + echo create $new $(set_file $name | head -n 1) + done - for name in $(set_files); do - local new=$name - set_exists _init_$name && new=_init_$name - set_file $name | tail -n +2 | while read m; do - ipset add $new $m + for name in $(set_files); do + local new=$name + set_exists _init_$name && new=_init_$name + set_file $name | sed "1d;s/^/add $new /" done - done - for name in $swap; do - ipset swap $name _init_$name - done + for name in $swap; do + echo swap $name _init_$name + done - for name in $(sets list:set); do - [ -f $DIR/$name ] || ipset destroy $name - done + for name in $(set_lists); do + [ -f $DIR/$name ] || echo destroy $name + done - for name in $(sets); do - [ -f $DIR/$name ] || ipset destroy $name - done + for name in $(sets); do + [ -f $DIR/$name ] || echo destroy $name + done + ) | ipset restore eend $STATUS } |