I am making a packet filtering program running on Ubuntu 12.04 which uses libipq as the library for copying packets into userspace. The logic of libipq works fine for me, my issue is that I have noticed a significant performance hit from using libipq to not using libipq. If I remove my iptable rules that I added for my program and let the kernel handle the packets, the speed is 50 MB/s. However, when using libipq and having restored my iptables rule, the speed goes down to 1 MB/s (if i'm lucky), it's usually half of that.
I wonder, could something be wrong with my iptable rules? Could there be a more efficient use of rules, or is libipq simply that inefficient (or my code even though I don't do that much)? Here is the script I use to setup my iptable rules:
#!/bin/sh
modprobe iptable_filter
modprobe ip_queue
iptables -A FORWARD -p icmp -j QUEUE
iptables -A FORWARD -p tcp -j QUEUE
iptables -A FORWARD -p udp-j QUEUE
iptables -A INPUT -p icmp -j QUEUE
iptables -A INPUT -p tcp -j QUEUE
iptables -A INPUT -p udp -j QUEUE
Other than that, my iptable rules are the default set that came with Ubuntu.
NOTE: My setup is for a client and server VM on two different subnets and using my Ubuntu VM to bridge both using NAT and ip masquerading.
