Re: ipfw NAT, igb and hardware checksums

This looks mostly sensible. hm! -a On 13 January 2016 at 11:55, Karim Fodil-Lemelin wrote: > Hi, > > I've hit a very interesting problem with ipfw-nat and local TCP traffic that > has enough TCP options to hit a special case in m_megapullup(). Here is the > story:

Re: layer2 ipfw 'fwd' support

On Mon, Oct 04, 2010, Julian Elischer wrote: -Brandon Yes, its still required since ipfw fwd ignores layer2 frames. The application is the very same: squid. I mean, Lusca in fact (squid fork). Thank you for your interest. Cisco/Ironport have a patch that does this.. I had permission to

Re: IPFW MAX RULES COUNT PERFORMANCE

, as I do? I can create two rules for the in / out for each user associated with a pipe? When simulating this with a script adding hundreds of rules, the latency also increases, as resolve this ? Adrian Chadd escreveu: You'd almost certainly be better off hacking up an extension to ipfw which

Re: IPFW MAX RULES COUNT PERFORMANCE

You'd almost certainly be better off hacking up an extension to ipfw which lets you count a /24 in one rule. As in, the count rule would match on the subnet/netmask, have 256 32 (or 64 bit) integers allocated to record traffic in, and then do an O(1) operation using the last octet of the v4