Date: Sat, 8 Jan 2000 00:40:53 +0100 (CET) From: Luigi Rizzo <luigi@info.iet.unipi.it> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: Patrick Bihan-Faou <patrick@mindstep.com>, Harold Gutch <logix@foobar.franken.de>, freebsd-current@FreeBSD.ORG, Nate Williams <nate@mt.sri.com> Subject: Re: ipfw optimizations Message-ID: <200001072340.AAA06578@info.iet.unipi.it> In-Reply-To: <200001072234.OAA13343@gndrsh.dnsmgr.net> from "Rodney W. Grimes" at "Jan 7, 2000 02:34:19 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> No, this is completly reasonable now that I understand what it is your > proposing. Even the memory footprint is minimal if pointers to the > actual rules is all we store in the per interface list, my largest set > duplicated over 8 interfaces would only be 3200 rules. Stored as I'd be curious to know what your 400-rule set looks like, what is the longest search path through that ruleset, and whether that ruleset could be made more efficient to run by implementing some kind of switch() statement (eg. for selecting based on interfaces), or hash tables (e.g. you want to allow/deny to a list of random addresses...). cheers luigi -----------------------------------+------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56126 PISA (Italy) Mobile +39-347-0373137 -----------------------------------+------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001072340.AAA06578>