> 6. mai 2020 kl. 22:00 skrev Lars Bonnesen <[email protected]>: > > Is it no longer important to group block/pass in/out for speed optimization? > > I see many "modern" pf.conf where everything is mixed more or less randomly
My advice would be to write your pf.conf in a way that makes sense in your environment and is readable to whoever gets to maintain the thing. As Theo pointed out, the built-in optimizer will do reordering and other tricks for performance if there is a need and you do not explicitly disable optimization. All the best, — Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
signature.asc
Description: Message signed with OpenPGP
