* iptables support this?
@ 2003-07-18 14:55 Augusto Flavio
2003-07-18 15:10 ` Shawn
2003-07-19 4:08 ` George Vieira
0 siblings, 2 replies; 3+ messages in thread
From: Augusto Flavio @ 2003-07-18 14:55 UTC (permalink / raw)
To: netfilter
Hi,
The IPTables support some like 500 rules?
The performance fail much?
Tkz!
Augusto Flavio
_______________________________________________________________________
Yahoo! Mail
Mais espaço, mais segurança e gratuito: caixa postal de 6MB, antivírus, proteção contra spam.
http://br.mail.yahoo.com/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables support this?
2003-07-18 14:55 iptables support this? Augusto Flavio
@ 2003-07-18 15:10 ` Shawn
2003-07-19 4:08 ` George Vieira
1 sibling, 0 replies; 3+ messages in thread
From: Shawn @ 2003-07-18 15:10 UTC (permalink / raw)
To: Augusto Flavio; +Cc: netfilter@lists.netfilter.org
Performance no fail much, but you fail to mention how it is all
organized. Not that it should matter much with modern CPUs. How many
sequential steps in the path you're worried about? 500? That would be
just silly.
I'm guessing you have different rules for different IP or IP range
matches. No big deal.
Keep in mind if you're that worried about speed, maybe you ought to
think about making your routing and firewalling separate.
On Fri, 2003-07-18 at 09:55, Augusto Flavio wrote:
> Hi,
> The IPTables support some like 500 rules?
> The performance fail much?
>
>
> Tkz!
^ permalink raw reply [flat|nested] 3+ messages in thread
* RE: iptables support this?
2003-07-18 14:55 iptables support this? Augusto Flavio
2003-07-18 15:10 ` Shawn
@ 2003-07-19 4:08 ` George Vieira
1 sibling, 0 replies; 3+ messages in thread
From: George Vieira @ 2003-07-19 4:08 UTC (permalink / raw)
To: Augusto Flavio, netfilter
I had at one stage about 500+ rules and had no performance lose on a 2MB
HDSL link using a Pentium 2 300Mhz server.. I was actually shocked.. ;)
It was more services running on that box that lagged ie. transparent proxy,
mail gateway, etc.. but not iptables..
-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org]On Behalf Of Augusto Flavio
Sent: Saturday, July 19, 2003 12:55 AM
To: netfilter@lists.netfilter.org
Subject: iptables support this?
Hi,
The IPTables support some like 500 rules?
The performance fail much?
Tkz!
Augusto Flavio
_______________________________________________________________________
Yahoo! Mail
Mais espaço, mais segurança e gratuito: caixa postal de 6MB, antivírus,
proteção contra spam.
http://br.mail.yahoo.com/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-07-19 4:08 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-07-18 14:55 iptables support this? Augusto Flavio
2003-07-18 15:10 ` Shawn
2003-07-19 4:08 ` George Vieira
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.