How to optimize ruleset for gateway?
Sergej Kandyla
_paix at rambler.ru
Thu Feb 15 18:46:27 UTC 2007
Vladimir Kapustin wrote:
>I don't think this is a good idea, and now I choosing some other
>variants of optimization, such as:
>
>1. Configure PF for major rules and SPAM filtering and IPFW+DUMMYNET for
>queueing. I've read somewhere, that IPFW-shaper supports tables the way I
>need. I'm afraid that two firewalls should significantly decrease perfomance.
>
>
>
I think you should configure PF with PF-ALTQ
Some PF resources :
http://www.openbsd.org/faq/pf/
http://www.benzedrine.cx/ackpri.html
Examples in /usr/share/examples/pf/ could be useful too.
>2. Configure only IPFW. But this means that I have to read full documentation
>about it, and find the way to protect the Internet from SPAM going from my
>local NET.
>
>
>Could somebody give me some advice what way to go?
>
>
>
More information about the freebsd-isp
mailing list