* Harald Dunkel <ha...@afaics.de> [2014-10-07 13:46]: > A related question: I wonder how well "(self)" and "(group)" > perform, compared to tables listing IP addresses? Is (self) > evaluated every time for each rule using it, once per connection, > in certain intervals, or only if one of the network interfaces > are actually changed?
the latter, they are tables internally that get updated on changes. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
