Date: Fri, 22 Jun 2001 11:23:35 +0200 From: "Nicolai Petri" <freebsd@petri.cc> To: <freebsd-hackers@freebsd.org> Subject: An netgraph firewall module ? Is this possible / good performing ? Message-ID: <008e01c0fafd$034e8000$8632a8c0@atomic.dk>
next in thread | raw e-mail | index | archive | help
Hi hackers, I've used some time writing a custom natd like daemon which makes som speciel packet processing. One of the issues with the natd approach is the large amount of context-switches it gives. This can be a real performance problem on very loaded networks. Would it be possible to do this with netgraph instead. And what is the pro's and con's for this approach. As a second step in developement how should protocol verification (ftp/smtp/whatever) be added to a netgraph firewall approach in a structured and dynamic extendable way ? Best regards, Nicolai Petri To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?008e01c0fafd$034e8000$8632a8c0>