Date: Wed, 18 Sep 2013 18:07:05 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: h bagade <bagadeh@gmail.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: impact of disabling firewall on performance? Message-ID: <20130918175406.B1460@sola.nimnet.asn.au> In-Reply-To: <CAARSjE07M92tFmQkXPbN4_5b_eXseiYekZHkL=0b6UOK-qtixA@mail.gmail.com> References: <CAARSjE07M92tFmQkXPbN4_5b_eXseiYekZHkL=0b6UOK-qtixA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 18 Sep 2013 12:00:30 +0430, h bagade wrote: > Hi all, > > I've heard that disabling firewall with commands or setting related sysctl > parameter wouldn't increase performance and still firewalls participate in > forwarding process. The only way to reach a better performance is making > firewall modules to being loaded dynamically and thereafter unloading > firewall modules! Where exactly did you hear that? > I want to know is it right? and if so, why it should be like this? The difference between not invoking a firewall at all and invoking one with a single 'pass all' rule would be fairly difficult to measure per packet. If your firewall is a bottleneck you likely have larger issues. cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130918175406.B1460>