From owner-freebsd-current  Fri Jan  7 15:40:54 2000
Delivered-To: freebsd-current@freebsd.org
Received: from info.iet.unipi.it (info.iet.unipi.it [131.114.9.184])
	by hub.freebsd.org (Postfix) with ESMTP id 21410157C4
	for <freebsd-current@FreeBSD.ORG>; Fri,  7 Jan 2000 15:40:51 -0800 (PST)
	(envelope-from luigi@info.iet.unipi.it)
Received: (from luigi@localhost)
	by info.iet.unipi.it (8.9.3/8.9.3) id AAA06578;
	Sat, 8 Jan 2000 00:40:54 +0100 (CET)
	(envelope-from luigi)
From: Luigi Rizzo <luigi@info.iet.unipi.it>
Message-Id: <200001072340.AAA06578@info.iet.unipi.it>
Subject: Re: ipfw optimizations
In-Reply-To: <200001072234.OAA13343@gndrsh.dnsmgr.net> from "Rodney W. Grimes"
 at "Jan 7, 2000 02:34:19 pm"
To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Date: Sat, 8 Jan 2000 00:40:53 +0100 (CET)
Cc: Patrick Bihan-Faou <patrick@mindstep.com>,
	Harold Gutch <logix@foobar.franken.de>, freebsd-current@FreeBSD.ORG,
	Nate Williams <nate@mt.sri.com>
X-Mailer: ELM [version 2.4ME+ PL61 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> No, this is completly reasonable now that I understand what it is your
> proposing.  Even the memory footprint is minimal if pointers to the
> actual rules is all we store in the per interface list, my largest set
> duplicated over 8 interfaces would only be 3200 rules.  Stored as

I'd be curious to know what your 400-rule set looks like, what is
the longest search path through that ruleset, and whether that
ruleset could be made more efficient to run by implementing some
kind of switch() statement (eg. for selecting based on interfaces),
or hash tables (e.g. you want to allow/deny to a list of random
addresses...).

	cheers
	luigi
-----------------------------------+-------------------------------------
  Luigi RIZZO, luigi@iet.unipi.it  . Dip. di Ing. dell'Informazione
  http://www.iet.unipi.it/~luigi/  . Universita` di Pisa
  TEL/FAX: +39-050-568.533/522     . via Diotisalvi 2, 56126 PISA (Italy)
  Mobile   +39-347-0373137
-----------------------------------+-------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message