Date: Wed, 19 Sep 2001 21:41:41 +0200 (CEST) From: Luigi Rizzo <luigi@info.iet.unipi.it> To: Bill Fumerola <billf@mu.org> Cc: Leif Neland <leifn@neland.dk>, "Marc G. Fournier" <scrappy@hub.org>, freebsd-net@FreeBSD.ORG Subject: Re: ipfw problems ... Message-ID: <200109191941.VAA49173@info.iet.unipi.it> In-Reply-To: <20010919140735.Y826@elvis.mu.org> from Bill Fumerola at "Sep 19, 2001 02:07:35 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, Sep 19, 2001 at 07:39:13PM +0200, Leif Neland wrote: > > > Or you could patch ipfw to be able to use a hash-db :-) > > skipto caches the pointer of the rule its skipping to the first time > it uses that rule. not going to get a better hash hit then that... not enough. The original message was asking for a rule of the form <action> $addr in $set ... where $set is a potentially large set of addresses (or ports as well), which, when "compiled", creates a hash table where one can do the search on O(1) time. With the current syntax we still have to explode the set with individual rules (naive approach) or something resembling a trie (using skipto rules). cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone (510) 666 2927 . ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109191941.VAA49173>