On Thu, May 03, 2001 at 09:50:25AM +0200, Luigi Rizzo wrote:
> wrong. It is an interpreted bytecode, much slower than,
> say, approaches which translate individual filters into
> native machine code (DPT/DPF ? don't remember the exact reference,
> it was some usenix/sigcomm paper).
http://www.pdos.lcs.mit.edu/~engler/dpf.html
> > and that BPF scales very well for even complex
> > expressions.
>
> this is more a ruleset compiler issue, where you try to analyse
> the whole ruleset and find out what are the important
> field to look at, build a tree/trie to drive your
> searches, use lookup and hash tables, etc.e tc. -- there is a lot of
> recent literature on the topic of fast packet classification.
yeah, someone should write an ipfw compiler. :->
--
Bill Fumerola - security yahoo / Yahoo! inc.
- [EMAIL PROTECTED] / [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
