Date: Mon, 2 Apr 2001 16:12:38 +0200 From: Markus Holmberg <markush@acc.umu.se> To: freebsd-questions@freebsd.org Subject: ipfw dst me usage performance noticeable? Message-ID: <20010402161238.A7685@acc.umu.se>
next in thread | raw e-mail | index | archive | help
ipfw(8) says: "Specifying me makes the rule match any IP number configured on an interface in the system. This is a computationally semi-expen- sive check which should be used with care." Does using 'me' in the last few rules (just before the deny all) that match TCP setup packets etc make sense? (I.e. is the performance loss for this kind of usage something one would notice?) (The bulk load of packets should be taken care of the rule above that passes through all already established traffic..) Regards, Markus. -- Markus Holmberg | Give me Unix or give me a typewriter. markush@acc.umu.se | http://www.freebsd.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010402161238.A7685>