Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 20 Mar 2020 19:12:39 +0100
From:      <driesm.michiels@gmail.com>
To:        <freebsd-ipfw@freebsd.org>
Subject:   Rule optimization
Message-ID:  <005401d5fee3$247d7250$6d7856f0$@gmail.com>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi IPFW mailing list,

 

What would be more efficient, theoretically? Below the two cases I'm
thinking about.

Note that the first 4 commands of case 2 are not really action rules and are
just setting up the table which for the sake of example I included.

 

Case 1)

*	Allow ip from any to any via $lanif
*	Allow ip from any to any via $loopif
*	Allow ip from any to any via $vpnif

 

Case 2)

*	table trustedif create type iface
*	table trustedif add $lanif
*	table trustedif add $loopif
*	table trustedif add $vpnif
*	Allow ip from any to any via "table(trustedif)"

 

Thanks in advance!

 

Regards,

Dries

 




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?005401d5fee3$247d7250$6d7856f0$>