On 10 Jun 2002 at 10:52, Tao Peng wrote:
> Dear All:
>
> I am using ipfilter to filter the real traffic. I have append many rules
> to filter the packets. The computer performs very slow after I configured
> it with these rules. I am wondering what is the speed of ipfilter regarding
> to the number of rules. btw, when a packet arrives at the interface, does
> the ipfilter check all the rules one by one and then make a decision whether
> to admit the packet or drop it?
1: processing continues down the rule list until a rule with "quick" is
satisfied or the last rule is evaluated. Using "quick can speed things up a
lot..
2: you can break up the rules into groups and thus not have to go through
all of them.
