From owner-freebsd-current  Thu Feb  1 08:28:29 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id IAA07851
          for current-outgoing; Thu, 1 Feb 1996 08:28:29 -0800 (PST)
Received: from asstdc.scgt.oz.au (root@asstdc.scgt.oz.au [202.14.234.65])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id IAA07840
          for <current@FreeBSD.ORG>; Thu, 1 Feb 1996 08:28:18 -0800 (PST)
Received: (from imb@localhost)
	by asstdc.scgt.oz.au (8.6.12/BSD4.4)
	id DAA14231; Fri, 2 Feb 1996 03:28:02 +1100
From: michael butler <imb@scgt.oz.au>
Message-Id: <199602011628.DAA14231@asstdc.scgt.oz.au>
Subject: Re: ip_fw ordering of rules..
To: phk@critter.tfs.com (Poul-Henning Kamp)
Date: Fri, 2 Feb 1996 03:28:01 +1100 (EST)
Cc: current@FreeBSD.ORG
In-Reply-To: <8371.823178002@critter.tfs.com> from "Poul-Henning Kamp" at Feb 1, 96 01:33:22 pm
X-Mailer: ELM [version 2.4 PL24beta]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-current@FreeBSD.ORG
Precedence: bulk

Poul-Henning Kamp writes:

> Does anybody but me find the ordering IP_FW does weird ?

Yes !

> I'd like to kick it out entirely, but at least an option to
> disable it is in order...
 
> What do other users of it think ?

I couldn't use FreeBSD without it .. no .. maybe that's a bit strong .. I'd
just have to learn a bit more about Cisco's access-lists :-) 

However, the order rearrangement forces a particular strategy when building
ipfw scripts that requires considerable patience by virtue of not always
producing the expected (and desired) results. 

On the other side, I understand that searching a rule tree similar to that
found in the routing tables is of considerable performance advantage as
compared to the traversal a (possibly lengthy) singly linked list ..

It's swings and roundabouts,

	michael