Doug Barton wrote:
Julian Elischer wrote:
I think the table is faster for mor ethan about 8 addresses (so we
are borderline) but it's be hard to test.. You however use two rules
so that would be slower.
I'm not a firewall expert so I won't comment on the specifics but I do
want to say that as a general rule "it works + fast/efficient" is MUCH
more important for default settings than "it works really well" or "it
works + more features." For better or worse we live in a world where
most users don't read the manuals, and that includes the ones running
"benchmarks" with default settings.
I think the change is better from the point of view that it is easier
to read (for me) and behaves better.
OTOH I do think it would be entirely appropriate to include a "better"
example commented out next to the "fast" default. I take a similar
approach with the default named.conf and have had good feedback from
users who appreciate pointers to more information when they actually
do get curious.
hth,
Doug
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
