Comment 19 for bug 1253993

Reviewed: https://review.openstack.org/98692
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=6fd5a20132e1327913c0a0099781a903f37c3ee9
Submitter: Jenkins
Branch: stable/icehouse

commit 6fd5a20132e1327913c0a0099781a903f37c3ee9
Author: Sudhakar <email address hidden>
Date: Mon Mar 3 15:35:20 2014 +0530

    Improve iptables_manager _modify_rules() method

    As the number of ports per default security group increases, the
    number of iptables entries on the Compute Node grows. Because of
    this, there is a gradual increase in the time taken to apply chains
    and rules.

    Currently we are using list comprehensions to find if a new chain or
    rule matches an existing one. Instead, walk through the list in
    reverse to find a matching entry.

    Added a new method, _find_last_entry(), to return the entry we are
    searching for.

    Change-Id: I3585479ffa00be556b8b21dc9dbd6b36ad37f4de
    Closes-Bug: #1302272
    Related-Bug: #1253993
    (cherry picked from commit 0c202ab3e453e38c09f04978e4fce30d6ee6350c)