Hi Freddie Cash! On Wed, 19 Mar 2008 13:32:01 -0700; Freddie Cash wrote about 'Separate rules for each port, or one for all ports?':
> I'm just curious if there is any information available on how quickly ipfw > processes rules, and whether or not a long list of ports in a single rule > makes things faster or slower? > Just curious if there is a big difference between: > ipfw add allow tcp from any to me 22,25,80,110,143,443,10000 in recv fxp0 > and > ipfw add allow tcp from any to me 22 in recv fxp0 > ipfw add allow tcp from any to me 25 in recv fxp0 > ipfw add allow tcp from any to me 80 in recv fxp0 > ipfw add allow tcp from any to me 110 in recv fxp0 > ipfw add allow tcp from any to me 143 in recv fxp0 > ipfw add allow tcp from any to me 443 in recv fxp0 > ipfw add allow tcp from any to me 10000 in recv fxp0 > Other than the ability to track traffic through each port, of course. The first becomes significantly faster when you have hundreds of rules. -- WBR, Vadim Goncharov. ICQ#166852181 mailto:[EMAIL PROTECTED] [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight] _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
