Hi Mike,
It looks like this will make a big difference to us. I will take a look
at setting up a test bed to get IPFW2 going.
Thanks to everyone,
Tom
On Thu, 19 Jun 2003, Michael Sierchio wrote:
> Tom Daly wrote:
>
> >>>The average firewall ruleset runs around 600-800 rules, running on IPFW.
>
Tom Daly wrote:
> The average firewall ruleset runs around 600-800 rules, running on IPFW.
That's a huge number of rules -- do you have any idea what number
of packets are checked against how many rules before being accepted
or denied? A histogram would be nice
Most of these rules are a simple
You could try organizing your rules using skipto to reduce the number of
rules any packet has to traverse, for example...
100 skipto 1000 ip from 1.0.0.0/4 to my-ip
200 skipto 2000 ip from 128.0.0.0/4 to my-ip
1000 deny ip from 24.6.76.8 to any
1001 deny ip from 65.65.26.7 to any
1999 skipto 3000
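
Added example, not part of any message in this thread: a small Python model of first-match rule evaluation that counts how many rules each packet is checked against, comparing a flat deny list with the same list organized behind skipto rules, and buckets the counts into the kind of histogram asked about earlier in the thread. The rule syntax is a simplified stand-in for ipfw's, and the addresses, rule numbers, block layout and final default deny are all constructed assumptions.

```python
import ipaddress
from collections import Counter
# Constructed data: four source blocks and a host prefix that falls inside each.
BLOCKS = {"0.0.0.0/2": "10.0.0.", "64.0.0.0/2": "100.64.0.",
          "128.0.0.0/2": "172.16.0.", "192.0.0.0/2": "192.168.0."}
SAMPLE = ["10.0.0.1", "100.64.0.75", "172.16.0.150", "192.168.0.150", "192.168.0.200"]

def parse(lines):
    """Parse simplified 'NUM ACTION [TARGET] from SRC' rules (not full ipfw syntax)."""
    rules = []
    for f in (line.split() for line in lines):
        target = int(f[2]) if f[1] == "skipto" else None
        src = f[f.index("from") + 1]
        net = ipaddress.ip_network("0.0.0.0/0" if src == "any" else src)
        rules.append((int(f[0]), f[1], target, net))
    return sorted(rules, key=lambda r: r[0])

def build(per_block=150):
    """Return (flat, skipto-organized) rulesets with identical deny lists."""
    flat, tree = [], []
    for k, (block, prefix) in enumerate(BLOCKS.items(), start=1):
        tree.append(f"{100 * k} skipto {10000 * k} from {block}")
        for h in range(1, per_block + 1):
            flat.append(f"{1000 + len(flat)} deny from {prefix}{h}")
            tree.append(f"{10000 * k + h} deny from {prefix}{h}")
        tree.append(f"{10000 * k + 9999} skipto 60000 from any")
    final = ["60000 allow from any"]
    return parse(flat + final), parse(tree + final)

def evaluate(rules, src_ip):
    """First-match walk; returns (verdict, number of rules checked)."""
    ip, checked, i = ipaddress.ip_address(src_ip), 0, 0
    while i < len(rules):
        _, action, target, net = rules[i]
        checked += 1
        if ip not in net:
            i += 1
        elif action == "skipto":  # resume at first rule numbered >= target
            i = next((j for j, r in enumerate(rules) if r[0] >= target), len(rules))
        else:
            return action, checked
    return "deny", checked  # assumption: the ruleset ends in a default deny

def histogram(rules, packets, width=100):
    """Bucket packets by how many rules each one was checked against."""
    return Counter(evaluate(rules, p)[1] // width * width for p in packets)

if __name__ == "__main__":
    for name, rs in zip(("flat", "skipto"), build()):
        print(name, len(rs), "rules", sorted(histogram(rs, SAMPLE).items()))
```

The skipto version holds a few more rules in total, but a packet only walks its own source block, so the worst case drops from about 600 checks to about 155 in this model.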
Hi,
On Thu, 19 Jun 2003, Michael Sierchio wrote:
> Tom Daly wrote:
>
> > I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a network
> > firewall for one of our sites. This site sees about 3 megabits of traffic.
>
> per some unit of time, I presume? ;-) maybe 3Mbit/s?
>
Yes, 3Mbit
Tom Daly wrote:
> I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a network
> firewall for one of our sites. This site sees about 3 megabits of traffic.
per some unit of time, I presume? ;-) maybe 3Mbit/s?
> The average firewall ruleset runs around 600-800 rules, running on IPFW.
That'
Hello,
I am currently running a Dell Poweredge 350 with FreeBSD 4.7 as a network
firewall for one of our sites. This site sees about 3 megabits of traffic.
The average firewall ruleset runs around 600-800 rules, running on IPFW.
The PE350 uses dual fxp chips on the machine's single PCI bus.
Could