pf performance?
Kajetan Staszkiewicz
vegeta at tuxpowered.net
Fri Apr 26 17:50:03 UTC 2013
Dnia piątek, 26 kwietnia 2013 o 00:52:43 Erich Weiler napisał(a):
> > How many pf rules do you have?. And, as I asked in my previous post, do
> > you create states on both sides of the firewall?
>
> One interface has 12 rules and other other interface has one rule. We
> do create states on both sides.
That's not too many rules, but are you sure you also create states for
"postrouting" traffic? When you do "pass (quick) in on $public some other
conditions", you also should have a general "pass quick out on $internal" (and
vice versa), as close to the top of pf.conf, of course unless you need separate
pre and post routing pf filtering rules.
--
| pozdrawiam / greetings | powered by Debian, CentOS and FreeBSD |
| Kajetan Staszkiewicz | jabber,email: vegeta()tuxpowered net |
| Vegeta | www: http://vegeta.tuxpowered.net |
`------------------------^---------------------------------------'
More information about the freebsd-net
mailing list