On 10/26/11 8:53 PM, Ian Smith wrote:
On Wed, 26 Oct 2011, Julian Elischer wrote:
On 10/26/11 2:39 PM, Michael Sierchio wrote:
On Wed, Oct 26, 2011 at 11:39 AM, Julian Elischerjul...@freebsd.org
wrote:
read up on all the things you can do with tablearg.. sometimes a
On 10/26/11 11:28 AM, Karim wrote:
On 11-10-25 11:30 PM, Michael Sierchio wrote:
On Tue, Oct 25, 2011 at 6:43 PM, Julian
Elischerjul...@freebsd.org wrote:
I find that the structure of teh ruleset has a huge affect on the
cpu usage.
for example I immediately split incoming and outgoing
On 10/26/11 2:39 PM, Michael Sierchio wrote:
On Wed, Oct 26, 2011 at 11:39 AM, Julian Elischerjul...@freebsd.org wrote:
read up on all the things you can do with tablearg.. sometimes a single
table can replace dozens of rules.
Julian - would you be so kind as to give an example?
- M
off
On Wed, 26 Oct 2011, Julian Elischer wrote:
On 10/26/11 2:39 PM, Michael Sierchio wrote:
On Wed, Oct 26, 2011 at 11:39 AM, Julian Elischerjul...@freebsd.org
wrote:
read up on all the things you can do with tablearg.. sometimes a single
table can replace dozens of rules.
Hi all,
I am using ipfw with a fairly small amount of rules (~200). Most of
those are skipto rules to different blocking and pass-through blocks. I
use ipfw tags, ALTQ, nat, fwd and several deny and allow rules and I do
not use/need tables.
What I find is around 400Mbps of traffic (~40kpps)
On 10/25/11 8:36 AM, Karim wrote:
Hi all,
I am using ipfw with a fairly small amount of rules (~200). Most of
those are skipto rules to different blocking and pass-through
blocks. I use ipfw tags, ALTQ, nat, fwd and several deny and allow
rules and I do not use/need tables.
What I find is
On Tue, Oct 25, 2011 at 6:43 PM, Julian Elischer jul...@freebsd.org wrote:
I find that the structure of teh ruleset has a huge affect on the cpu usage.
for example I immediately split incoming and outgoing packets apart and send
them to different groups of rules.
I also have different groups
