Also, .... On Tue, 16 Aug 2005 11:38:06 -0500 "Taylor, Grant" <gtaylor@xxxxxxxxxxxxxxxxx> wrote: >+If you are not doing much in the way if *VERY* *ADVANCED* >+firewalling, just basic source and / or destination IP v >alidation and / or source and / or destination port validation will not need >+much of a processor. In fact I'd try it with a 500 MHz to 1 GHz system, what >+ever is the most economical that you can get your hands on. Yes. In fact most cases of "advanced" firewalling only mean that you have a stupid fw-design, like hundreds/thousands of rules in one chain :-). Usually can be optimised by using sub-chains, ipset and/or ipt_ACCOUNT. Yours sincerely, Peter -- http://www.shurdix.org - Linux distribution for routers and firewalls _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
