Comment 16 for bug 1640786

I confirm that iptables offers way better performance now on Xenial kernel.

BEFORE:
$ uname -r
4.4.0-62-generic

$ time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)

real 0m34.502s
user 0m1.372s
sys 0m27.428s

AFTER:
$ uname -r
4.4.0-63-generic

$ time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)

real 0m5.680s
user 0m0.100s
sys 0m0.264s