diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-03-19 23:30:54 +0200 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2017-03-21 10:51:16 +0200 |
| commit | c5ca01cc269c6a615ba19a7f61be53769c606691 (patch) | |
| tree | c1347a09c855e02ffe7ecc87f1627b9a3ba2f487 /main/ipset | |
| parent | c6b849ea0ea4952815b911e89a943ac2e5db7b1c (diff) | |
| download | aports-c5ca01cc269c6a615ba19a7f61be53769c606691.tar.bz2 aports-c5ca01cc269c6a615ba19a7f61be53769c606691.tar.xz | |
main/ipset: optimize init script performance
Diffstat (limited to 'main/ipset')
| -rw-r--r-- | main/ipset/APKBUILD | 4 | ||||
| -rw-r--r-- | main/ipset/ipset.initd | 60 |
2 files changed, 34 insertions, 30 deletions
diff --git a/main/ipset/APKBUILD b/main/ipset/APKBUILD index 1b5afbe4b1..b5951709ce 100644 --- a/main/ipset/APKBUILD +++ b/main/ipset/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> pkgname=ipset pkgver=6.32 -pkgrel=0 +pkgrel=1 pkgdesc="Manage Linux IP sets" url=http://ipset.netfilter.org/ arch="all" @@ -45,4 +45,4 @@ package() { } sha512sums="7b0f5e7ef1a777ab70872aa52f658ff9516cb5de4c67c56d7f596eb88db03467d39b10ffc098441b4bfa4bb21a15f3c5f7f7f825300ce8efbacd767369ad43c7 ipset-6.32.tar.bz2 -73993eb882371f5ef605762c96ad33625b99680aa38c823ed908dfc43b1fa86eb7714fe3b6e4cd5547b7b0a9b1f4209d2541d60341548fcbbfa95244471cfc93 ipset.initd" +deafc83f58e9abba9c9c399c246dcb687d4f5295b1807b923b8c02922584b70c2642221257f577e1cd86006b89ded08784d4d2953d6f043d7621f61eb83f1af7 ipset.initd" diff --git a/main/ipset/ipset.initd b/main/ipset/ipset.initd index 84b17c2aba..ee1668939b 100644 --- a/main/ipset/ipset.initd +++ b/main/ipset/ipset.initd @@ -1,6 +1,6 @@ #!/sbin/openrc-run # Init script for ipset -# Copyright (C) 2012 Kaarle Ritvanen +# Copyright (C) 2012-2017 Kaarle Ritvanen # Licensed under the terms of the GPL2 description="Manage IP sets in the Linux kernel" @@ -26,11 +26,15 @@ set_file() { } set_exists() { - $IPSET save $1 &> /dev/null + $IPSET -n list $1 &> /dev/null +} + +set_lists() { + $IPSET save | sed "s/^create \\([^ ]\\+\\) list:set.*/\\1/;ta;d;:a" } sets() { - $IPSET save | sed "s/^create \\([^ ]\\+\\) ${1:+$1 }.*/\\1/;ta;d;:a" + $IPSET -n list } @@ -45,7 +49,7 @@ start() { stop() { ebegin "Flushing firewall IP sets" - for name in $(sets list:set); do + for name in $(set_lists); do ipset destroy $name done @@ -81,35 +85,35 @@ save() { reload() { ebegin "Loading firewall IP sets" - local swap= - for name in $(set_files); do - local new=$name - if set_exists $name; then - new=_init_$name - swap="$swap $name" - fi - ipset create $new $(set_file $name | head -n 1) - done + ( + local swap= + for name in $(set_files); do + local new=$name + if set_exists $name; then + new=_init_$name + swap="$swap $name" + fi + echo create $new $(set_file $name | head -n 1) + done - for name in $(set_files); do - local new=$name - set_exists _init_$name && new=_init_$name - set_file $name | tail -n +2 | while read m; do - ipset add $new $m + for name in $(set_files); do + local new=$name + set_exists _init_$name && new=_init_$name + set_file $name | sed "1d;s/^/add $new /" done - done - for name in $swap; do - ipset swap $name _init_$name - done + for name in $swap; do + echo swap $name _init_$name + done - for name in $(sets list:set); do - [ -f $DIR/$name ] || ipset destroy $name - done + for name in $(set_lists); do + [ -f $DIR/$name ] || echo destroy $name + done - for name in $(sets); do - [ -f $DIR/$name ] || ipset destroy $name - done + for name in $(sets); do + [ -f $DIR/$name ] || echo destroy $name + done + ) | ipset restore eend $STATUS } |