Date: Fri, 12 Oct 2001 16:37:05 +0200 From: Alfatrion <alfatrion@cybertron.tmfweb.nl> To: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> Cc: "Hartmann, O." <ohartman@klima.physik.uni-mainz.de>, freebsd-questions@FreeBSD.ORG Subject: Re: IPFW or IPFILTER? Message-ID: <3BC70011.3000900@cybertron.tmfweb.nl> References: <20011012105749.M83020-100000@cactus.fi.uba.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
Fernando Gleiser wrote: > On Fri, 12 Oct 2001, Hartmann, O. wrote: > > >>Hello. >> >>FreeBSD uses two filtering systems, ipfw and ipfilter and each of these >>both systems has its own adavantages and disadvantages. ipfilter seems to >>be more sophisticated in how to write rules. >>At the moment, we use ipfw around here due to the easy rule syntax. But >>that is not that what should be the main argument. I want to ask for the >>performance, mean the throughput/bandwith. Does anyone know something >>about the bandwith of both filters? What are the pro and contras? >> > > 2) rule groups: if your rule set is large, you can make it tree shaped > instead of a linear list, so the search time for a rule is lower. Not true, this is also posible in IPFW. Check out the skipto action. Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BC70011.3000900>