impact of disabling firewall on performance?
Ian Smith
smithi at nimnet.asn.au
Wed Sep 18 08:27:33 UTC 2013
On Wed, 18 Sep 2013 12:00:30 +0430, h bagade wrote:
> Hi all,
>
> I've heard that disabling firewall with commands or setting related sysctl
> parameter wouldn't increase performance and still firewalls participate in
> forwarding process. The only way to reach a better performance is making
> firewall modules to being loaded dynamically and thereafter unloading
> firewall modules!
Where exactly did you hear that?
> I want to know is it right? and if so, why it should be like this?
The difference between not invoking a firewall at all and invoking one
with a single 'pass all' rule would be fairly difficult to measure per
packet. If your firewall is a bottleneck you likely have larger issues.
cheers, Ian
More information about the freebsd-net
mailing list