Separate rules for each port, or one for all ports?
Freddie Cash
fjwcash at gmail.com
Wed Mar 19 13:32:11 PDT 2008
I'm just curious if there is any information available on how quickly ipfw
processes rules, and whether or not a long list of ports in a single rule
makes things faster or slower?
Just curious if there is a big difference between:
ipfw add allow tcp from any to me 22,25,80,110,143,443,10000 in recv fxp0
and
ipfw add allow tcp from any to me 22 in recv fxp0
ipfw add allow tcp from any to me 25 in recv fxp0
ipfw add allow tcp from any to me 80 in recv fxp0
ipfw add allow tcp from any to me 110 in recv fxp0
ipfw add allow tcp from any to me 143 in recv fxp0
ipfw add allow tcp from any to me 443 in recv fxp0
ipfw add allow tcp from any to me 10000 in recv fxp0
Other than the ability to track traffic through each port, of course.
--
Freddie Cash
fjwcash at gmail.com
More information about the freebsd-net
mailing list