[CentOS] Optimizing CentOS for gigabit firewall
Christopher Chan
christopher.chan at bradbury.edu.hk
Mon Dec 21 03:58:18 UTC 2009
Les Mikesell wrote:
> Chan Chung Hang Christopher wrote:
>> That part about high-core speed for OpenBSD pf is definitely on. The
>> multi-processor part...not too sure. Maybe with NUMA systems like what
>> you get on AMD Opteron platforms.
>>
>
> Don't both iptables and pf bypass the filters for established TCP connections
> (making the filtering speed only rarely relevant)?
>
Yeah, IF you set up the rules right. On that score, i think openbsd has
a certain order iirc so you cannot go wrong there...but with iptables
and netfilter...heh.
More information about the CentOS
mailing list