From owner-freebsd-ipfw  Mon Dec 24  7:34:15 2001
Delivered-To: freebsd-ipfw@freebsd.org
Received: from jasper.nighttide.net (jasper.nighttide.net [216.220.229.89])
	by hub.freebsd.org (Postfix) with ESMTP id A357F37B41B
	for <freebsd-ipfw@freebsd.org>; Mon, 24 Dec 2001 07:34:12 -0800 (PST)
Received: from localhost (darren@localhost)
	by jasper.nighttide.net (8.11.6/8.11.6) with ESMTP id fBNMIpc00714
	for <freebsd-ipfw@freebsd.org>; Sun, 23 Dec 2001 17:18:51 -0500 (EST)
	(envelope-from darren@nighttide.net)
Date: Sun, 23 Dec 2001 17:18:51 -0500 (EST)
From: Darren Henderson <darren@nighttide.net>
To: freebsd-ipfw@freebsd.org
Subject: silly question...
Message-ID: <Pine.BSF.4.40.0112231713280.686-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ipfw.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ipfw>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ipfw>
X-Loop: FreeBSD.ORG


Any processing efficiences in gathering up ports in a single rule as
opposed to one rule per each port?

In other words is something like this....

ipfw add allow tcp from any to hostname 22,25,53,80,443 setup

better then

ipfw add allow tcp from any to hostname 443 setup
ipfw add allow tcp from any to hostname 80 setup
ipfw add allow tcp from any to hostname 53 setup
ipfw add allow tcp from any to hostname 25 setup
ipfw add allow tcp from any to hostname 22 setup

... in terms of "speed". Obviously it makes the config file somewhat
messier...

______________________________________________________________________
Darren Henderson                                  darren@nighttide.net

                   Help fight junk e-mail, visit http://www.cauce.org/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message