New Firewall (hpf) for DragonFlyBSD
Simon 'corecode' Schubert
corecode at fs.ei.tum.de
Fri Jan 9 09:06:58 PST 2004
On 09.01.2004, at 15:28, Seb wrote:
Here you can found patch for using High Performance Firewall under
DragonFlyBSD. This firewall is a new type and exprimental. It's a
constant
time firewall, so CPU consumption is not dependent of rules number.
This a
turboACL like implementation so the kernel code is very very little.
Actually, hpf recognize some ipfw syntax but an ipfilter parser can be
developped. Dynamic rules are not supported for the moment and some
options
too. You can see at http://www.phear.org/~spe/syntaxe.txt what type of
syntax is recognized.
I'm sorry, maybe I'm just ignorant, but doesn't such a tree need 256^14
(or 13) entries?
Also, using ints to store pointers won't work on all architectures.
cheers
simon
--
/"\ http://corecode.ath.cx/#donate
\ /
\ ASCII Ribbon Campaign
/ \ Against HTML Mail and News
Attachment:
PGP.sig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00006.pgp
Type: application/octet-stream
Size: 186 bytes
Desc: "Description: This is a digitally signed message part"
URL: <http://lists.dragonflybsd.org/pipermail/submit/attachments/20040109/0ff7e52e/attachment-0014.obj>
More information about the Submit
mailing list