New pf install on Freebsd7 seem to be a slow starter.
Glen Barber
glen.j.barber at gmail.com
Thu Jul 17 13:00:03 UTC 2008
On Thu, Jul 17, 2008 at 8:55 AM, Jeremy Chadwick <koitsu at freebsd.org> wrote:
> On Thu, Jul 17, 2008 at 08:15:03AM -0400, Glen Barber wrote:
>> Hi. I'm just curious why you decided to use a table for this. I have
>> done something similar (disallowing access to certain domains) using
>> macros as follows:
>>
>> deny_sites="{ badsite.com , www.myspace.com , badsite2.com }"
>>
>> and didn't notice 'slowness' at boot. This was on a 6.3-RELEASE box,
>> if that matters.
>
> I don't think it matters if the entries are in a table or in a macro.
>
> Chances are whatever resolver you're using (e.g. an ISPs DNS server, or
> something upstream, versus named on the same box) had all of those
> entries cached, or has very good overall response time for DNS lookups.
> In the case of the OP, I believe he runs his own named.
>
I was under the assumption the OP runs his own DNS server, as that is
how my machine was set up.
Regards,
--
Glen Barber
http://www.dev-urandom.com/
More information about the freebsd-pf
mailing list