AT Matik wrote:
On Friday 30 March 2007 17:40, Julian Elischer wrote:
I have been looking at the IPFW code recently, especially
with respect to locking.
There are some things that could be done to improve IPFW's
behaviour when processing packets, but some of these take a
toll (there is always a toll) on the 'updating' side of things.
Hi ,
would you mind to explain your way of "add a toll", do you mean kind of price
for a benefit or something like that? Sorry I am not native american english
speaker.
a toll is a cost.
so, yes (toll is not just American English)
If I understand this right I would say that it does not matter for adding
rules, what is of interest is processing time when they exist already
exactly..
Is there anyone out there who is adding hundreds (or even dozens) of rules
per second on a continuous basis, or who wants rule changing to
be a really efficient operation?
even if ...
I have a system which takes additional custom parms from rc.conf.
so lets say the admin configures a new IP or port he executes a script which
flushes the old and executes the new rules
it doesn't matter the time it takes to execute the new rules - what certainly
depends on machine capacities - what matters at the end is how fast the
machine can process the rules at run-time ... whatever it is .. as long as it
is faster ... not building the rule set but running them under load
(does it matter to you if it takes a few milliSecs to add a rule?)
absolutely NOT
thankyou
João
A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
