> On Wed, Sep 19, 2001 at 07:39:13PM +0200, Leif Neland wrote:
>
> > Or you could patch ipfw to be able to use a hash-db :-)
>
> skipto caches the pointer of the rule its skipping to the first time
> it uses that rule. not going to get a better hash hit then that...
not enough. The original message was asking for a rule of the form
<action> $addr in $set ...
where $set is a potentially large set of addresses (or ports as well),
which, when "compiled", creates a hash table where one can do the search
on O(1) time.
With the current syntax we still have to explode the set with individual
rules (naive approach) or something resembling a trie (using skipto rules).
cheers
luigi
----------------------------------+-----------------------------------------
Luigi RIZZO, [EMAIL PROTECTED] . ACIRI/ICSI (on leave from Univ. di Pisa)
http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704
Phone (510) 666 2927 .
----------------------------------+-----------------------------------------
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
