Date: Sun, 26 Feb 2012 13:07:29 -0800 From: Julian Elischer <julian@freebsd.org> To: Bob Bishop <rb@gid.co.uk> Cc: hackers@freebsd.org Subject: Re: Blackhole routes vs firewall drop rules Message-ID: <4F4A9F11.9050804@freebsd.org> In-Reply-To: <4F4A9E87.4080807@freebsd.org> References: <BC3D956B-FD78-4C1B-A4AA-8C33651237B2@gid.co.uk> <4F4A9E87.4080807@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
let's try that again with the right Subject: line On 2/26/12 1:05 PM, Julian Elischer wrote: > On 2/26/12 5:34 AM, Bob Bishop wrote: >> Hi, >> >> I'd like to hear from somebody who understands this stuff on the >> relative merits of blackhole routes vs firewall drop rules for >> dealing with packets from unwanted sources. I'm particularly >> interested in efficiency and scalability. Thanks > > the key is the word "from". routes can only be selected on 'TO' > (destination) where > firewalls can select on any combination of header fields. > > > >> -- >> Bob Bishop >> rb@gid.co.uk >> >> >> >> >> _______________________________________________ >> freebsd-hackers@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers >> To unsubscribe, send any mail to >> "freebsd-hackers-unsubscribe@freebsd.org" >> >> > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to > "freebsd-hackers-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F4A9F11.9050804>