Brian J. Murrell wrote: > On Thu, 2007-05-04 at 22:30 -0700, Tom Eastep wrote: >> It is unlikely that embedded distributions like OpenWRT will ever have >> Perl (it's BIG). > > Oh definitely. > >> So the most promising approach seems to be to run >> Shorewall-perl on another box and Shorewall-lite on the embedded system. > > Yeah, that's exactly what I meant. What I was wondering though is how > much smaller shorewall-lite's footprint will get when it's work is done > by iptables-restore.
Not a lot -- each rule generates only one line of script rather than two now. > > I'd think that hopefully, a shorewall-lite could be loaded with only two > round trips... one to gather information and one to ship the result and > run iptables-restore. Shorewall-perl doesn't change the interaction sequence: - One round trip to gather capabilities (if no capabilities file or if capabilities requested). - One route trip to upload the generated script. - One upload to run the generated script -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
