In some email I received from Tao Peng, sie wrote: > Dear All: > > I am using ipfilter to filter the real traffic. I have append many rules > to filter the packets. The computer performs very slow after I configured > it with these rules. I am wondering what is the speed of ipfilter regarding > to the number of rules. btw, when a packet arrives at the interface, does > the ipfilter check all the rules one by one and then make a decision whether > to admit the packet or drop it? Or the ipfilter buffer all the incoming > packets first and use intelligent algorithm to speed up the process?
It doesn't queue up packets because it doesn't know when the next one will be. Processing of rules is O(n), as it should be. Darren
