Date: Sun, 25 Aug 2019 04:42:02 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Victor Gamov <vit@otcnet.ru>, freebsd-net@freebsd.org Subject: Re: finding optimal ipfw strategy Message-ID: <d96f5f87-405d-149a-f5e6-4cb2083b9b52@grosbein.net> In-Reply-To: <b9db2373-1c74-349a-830c-43cbf6a3420f@otcnet.ru> References: <f38b21a5-8f9f-4f60-4b27-c810f78cdc88@otcnet.ru> <4ff39c8f-341c-5d72-1b26-6558c57bff8d@grosbein.net> <7ca629bd-065b-549a-37f4-cd41d18f83e3@grosbein.net> <b9db2373-1c74-349a-830c-43cbf6a3420f@otcnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
25.08.2019 3:44, Victor Gamov wrote: > Eugene > > Many thanks for your reply! > > I need to read more about tablearg and then modify my current production rules step by step. Also, rules like "ipfw add 25013 deny udp from any to any" should be simplified to "ipfw add 25013 deny ip from any to any" because only needed UDP packets hit these rules and we can save another check for protocol type.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d96f5f87-405d-149a-f5e6-4cb2083b9b52>