On Wed, Oct 31, 2007 at 04:14:55PM +0300, Guntis Bumburs wrote: > On Wednesday 31 October 2007 13:52:15 Stuart Henderson wrote: > > On 2007/10/31 14:02, Guntis Bumburs wrote: > > > It would be nice if there was a knob to mark some rules "skip on high > load" so > > > they would be skipped to avoid congestion. > > > > So, when the system is already busy, it has to do extra processing > > to figure out which rules to use? Hmmmm... > Maybe it could be added in rule like: > pass in log quick "this_rule_can_be_skipped" on $ext_if proto tcp .... > so if the system is busy pf can skip all the rules (or 1 by 1 ) witch > contains "this_rule_can_be_skipped" option?
In case of congestion pf skips ALL rules, so you should be fine ;) Now that 4.2 is out, just give it a try ... Can
