Firewall Profiling.
Pawel Tyll
ptyll at nitronet.pl
Tue Dec 27 14:18:17 UTC 2011
> plans, yes - not sure how long it will take. I have compiled
> ipfw+dummynet as a standalone module (outside the kernel)
> but have not yet hooked the code to netmap to figure out how fast
> it can run.
If I understand correctly, this would require netmap to catch every
packet from interfaces that would be firewalled/routed using ipfw, and
then during processing determine if packet is destined for local host
or network and write it out to host kernel for normal processing or
quickly write it out to some destination OS? In other words, userland
routing engine using netmap? :)
More information about the freebsd-ipfw
mailing list