New pf install on Freebsd7 seem to be a slow starter.
Glen Barber
glen.j.barber at gmail.com
Thu Jul 17 12:31:22 UTC 2008
On Wed, Jul 9, 2008 at 2:29 PM, Leslie Jensen <leslie at eskk.nu> wrote:
[:: snip ::]
>
> # tables
> table <goodguys> { something.somewhere.com, somethingelse.somewhere.com,
> xxx.yyy.zzz.qqq }
>
[:: snip ::]
>
> # Let the goodguys access the machine from the outside
> pass in on $ext_if inet proto tcp from <goodguys> to ($ext_if) \
> port $tcp_services flags S/SA keep state
>
Hi. I'm just curious why you decided to use a table for this. I have
done something similar (disallowing access to certain domains) using
macros as follows:
deny_sites="{ badsite.com , www.myspace.com , badsite2.com }"
and didn't notice 'slowness' at boot. This was on a 6.3-RELEASE box,
if that matters.
Regards,
--
Glen Barber
http://www.dev-urandom.com/
More information about the freebsd-pf
mailing list