On 2006/09/14 02:12, Gustavo Rios wrote: > i am playing with ftp-proxy and could not understand the benefits of > the new one compared to the previous up to 3.8. Could some one enlight > me? > One thing i realized is the number of rules the new version creates on > run time. Whether this feature is a plus i could not understand.
Yes, it is. Before, ftp data sessions had to pass to the ftp-proxy process running as a user process. Now, data sessions are handled by the NAT rules added, so for each packet there's just a state lookup, header rewrite and packet forwarding, all in-kernel.
