On Wed, 18 Sep 2013 12:00:30 +0430, h bagade wrote: > Hi all, > > I've heard that disabling firewall with commands or setting related sysctl > parameter wouldn't increase performance and still firewalls participate in > forwarding process. The only way to reach a better performance is making > firewall modules to being loaded dynamically and thereafter unloading > firewall modules!
Where exactly did you hear that? > I want to know is it right? and if so, why it should be like this? The difference between not invoking a firewall at all and invoking one with a single 'pass all' rule would be fairly difficult to measure per packet. If your firewall is a bottleneck you likely have larger issues. cheers, Ian _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[email protected]"
