From owner-freebsd-current  Thu Feb  1 14:53:19 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id OAA08041
          for current-outgoing; Thu, 1 Feb 1996 14:53:19 -0800 (PST)
Received: from ra.dkuug.dk (ra.dkuug.dk [193.88.44.193])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id OAA08024
          for <current@freebsd.org>; Thu, 1 Feb 1996 14:52:56 -0800 (PST)
Received: from critter.tfs.com ([193.88.44.194]) by ra.dkuug.dk (8.6.12/8.6.12) with ESMTP id XAA10534; Thu, 1 Feb 1996 23:41:43 +0100
Received: from localhost.tfs.com (localhost.tfs.com [127.0.0.1]) by critter.tfs.com (8.6.12/8.6.12) with SMTP id XAA01198; Thu, 1 Feb 1996 23:52:40 +0100
X-Authentication-Warning: critter.tfs.com: Host localhost.tfs.com didn't use HELO protocol
To: Nate Williams <nate@sri.MT.net>
cc: michael butler <imb@scgt.oz.au>, current@freebsd.org
Subject: Re: ip_fw ordering of rules.. 
In-reply-to: Your message of "Thu, 01 Feb 1996 14:57:18 MST."
             <199602012157.OAA21193@rocky.sri.MT.net> 
Date: Thu, 01 Feb 1996 23:52:39 +0100
Message-ID: <1196.823215159@critter.tfs.com>
From: Poul-Henning Kamp <phk@critter.tfs.com>
Sender: owner-current@freebsd.org
Precedence: bulk

> > > > > It is always a singled linked list anyway...
> > > >  
> > > > Ugh ! Then there'll be no disadvantage in removing the "sort" :-)
> > > 
> > > Except that supposedly it 'orders' things so that the most common rules
> > > (or what it thinks should be most common) will be found at the top, thus
> > > making it faster since you don't have to walk the entire tree.
> > 
> > Well, I suggest you look at the ordering then, that is most
> > certainly >NOT< what the code does.
> 
> That's what it's supposed to do.  I guess it depends on what you think
> should be the most 'common' rules. :)

It basically sorts so that the rule covering most addresses come first.

It doesn't look at deny/pass in that context, so if you say:

		deny some specific port
		allow the rest

It will come out as:
		allow everything
		a deny rule never used.

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.