Date: Thu, 16 Sep 2004 03:52:47 -0000
From: Max Laier <max@love2party.net>
To: James Quick <pf4freebsd@freelists.org>
Subject: [pf4freebsd] Re: Question about tables vs. lists.
Message-ID: <63344978883.20031001173815@love2party.net>
In-Reply-To: <73B4DAB7-F421-11D7-B179-003065C496DC@quick.com>
References: <18E25BB4-F287-11D7-ADF9-003065C496DC@quick.com> <143167915309.20030929162711@love2party.net> <7F0E43BA-F291-11D7-B179-003065C496DC@quick.com> <99173910970.20030929180707@love2party.net> <73B4DAB7-F421-11D7-B179-003065C496DC@quick.com>

Hello James,

Wednesday, October 1, 2003, 5:10:54 PM, you wrote:

>> I prefer lists over tables when I have a small set of stable hosts or
>> nets that I want to filter (=block). The reason for that is, that I
>> somewhat "hardcode" it into my ruleset and that I can get per host
>> output from pflog. I use tables only where I want a manageable solution
>> and have fairly many addresses.

JQ> I'm not sure I understand what you mean by this statement.
JQ> If you meant pfctl instead of pflog then it makes sense to me.
JQ> Given two rules one of which uses a table, and another which
JQ> uses a list, wouldn't the stream of tcpdump packets written to
JQ> the pflog device be the same except for rule number?
JQ> If you really did mean pflog could you please elaborate?

Both! You are right, the difference for pfctl is much more visible, but
the different rule number on pflog output is something I like nonetheless.

>> However, I don't believe that you will see much difference between a
>> table- or list-powered ruleset for 10-20 addresses. Choose whatever
>> approach is the more comfortable for you.

JQ> I did a lot of playing around, and you're right, performance does
JQ> not seem to be an issue. Thanks for the confirmation. I just
JQ> wanted to be sure that I wasn't going to step in anything later.

Did you do proper benchmarks? That would be really valuable information.
However the above stands: There is (theoretically) not much difference
between the two options.

-- 
Best regards,
 Max                          mailto:max@love2party.net
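
The list-versus-table difference discussed in the message above, as an added pf.conf example that is not part of the original e-mail. The macro ext_if, the table name <badhosts> and the addresses (documentation ranges) are constructed assumptions.

```conf
# Constructed example: ext_if, <badhosts> and all addresses are assumptions,
# not values from the thread. Keep only one of the two variants in a real
# ruleset; with "quick", whichever comes first shadows the other.
ext_if = "fxp0"
table <badhosts> persist { 192.0.2.10, 192.0.2.20, 198.51.100.0/24 }

# Variant A: list.
# pfctl expands the braces into one rule per entry when the ruleset is
# loaded, so every host or net gets its own rule number. That number is
# carried in the pflog header of each logged packet, and `pfctl -vsr`
# shows a separate packet/byte counter for each expanded rule.
block in log quick on $ext_if from { 192.0.2.10, 192.0.2.20, 198.51.100.0/24 } to any

# Variant B: table.
# One rule, one rule number: pflog entries for all members look the same
# apart from the source address in the packet itself. Per-address counters
# are read from the table instead:  pfctl -t badhosts -T show -v
# Members can be changed without reloading the ruleset:
#   pfctl -t badhosts -T add 203.0.113.5
block in log quick on $ext_if from <badhosts> to any
```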