00:20 <ciupicri> fche: for your information, this is the reason I've been nagging you: https://unix.stackexchange.com/a/435078/1174 I wasn't that useful in the end, but I appreciate the help

00:20 <fche> reading now

00:21 <ciupicri> ... no need, it's nothing fancy

00:22 <fche> the topic reminds me of a talk a year or so ago, advertising how a bpf-based firewall module could be faster than an iptables one

00:22 <fche> .... because the iptables one they compared to had sixteen million individual rules :')

00:23 <ciupicri> yeah, bpf should be more flexibile; even nftables is better https://developers.redhat.com/blog/2017/04/11/benchmarking-nftables/ (too bad some details about the setup are missing)

00:25 <ciupicri> but at least systemtap gave me a bit of insight into the kernel; the netfilter howto [1] didn't provide enough information and it's one thing to read the kernel's source code and another to see it in action with probes ( [1]: https://www.netfilter.org/documentation/HOWTO/netfilter-hacking-HOWTO-4.html )

00:26 <fche> yeah ... exploring a foreign bit of code is something stap is good for ... but I don't think we have an intro writeup on that task

00:30 <ciupicri> I also had a look at the bcc-tools, like the one for ext4 latency thinking I can use it, but the source code was ... to much to grasp in a hurry ( http://www.brendangregg.com/blog/2016-10-06/linux-bcc-ext4dist-ext4slower.html & https://github.com/iovisor/bcc/blob/master/tools/ext4slower.py )

00:31 <fche> yeah, it's comparatively complicated to require both c and python

00:31 <ciupicri> I can't say that I like the systemtap scripting language, but at least it doesn't seem even more knowledge of the kernel

00:31 <fche> aha. we tried to cobble together as little a language as possible for the job

00:32 <ciupicri> *seem to require ...

00:32 <fche> some parts have shown themselves clunky and confusing, like the -> operator for any sort of dereferences

00:32 <fche> but any day now, if we're not already there, stap --bpf should have about the same expressive power as bcc-tools

22:07 <irker362> systemtap: amerey systemtap.git:refs/heads/master * release-3.2-158-g3888e85 / bpf-opt.cxx: BPF translator: improve register interference checking http://tinyurl.com/y87byscw