I've written a small script, that logs some data about each connection. For small dumps - the script works fine. Can anyone suggest an efficient way/structure to handle/map unique connections. asked 07 Dec '11, 09:18  Trevor |
One Answer:
I'm assuming that tables in lua are done with hashes, so it should be pretty efficient anyway. Maybe that's not the case. What I'm saying is, maybe it's your code, not tables. It's hard to tell witout seeing your code. Each TCP connection has a unique number: tcp.stream. It's how the wireshark "Follow TCP stream" code is implemented. Try using that instead. Aside: Before the existance of tcp.stream "Follow" used to use the same "unique" pattern. I don't think it was terribly efficient, but it's also not unique, even if it seems so in practice. A truly unique pattern involves the addition of a timestamp: IP1,port1,IP2,port2,time. tcp.stream implicitly incorporates a timestamp, making it truly unique. You can always resort to segmenting the table. Example: you discover that most of your traffic is coming from 3 IPs in your local network. IP1 = 192.168.1.[123]. You could set up 4 tables, one for each IP, and one for all the other IPs. answered 07 Dec '11, 13:38  studog |
I think the question is off-topic since it's a pure Lua question. General Lua programming questions should be asked in StackOverflow. The author of Lua (Roberto Ierusalimschy) wrote a gem on Lua performance tips, where he discusses how tables are implemented. It might shed a little light on the situation.