Hi!

While hacking on alff [42] I asked myself what would be wiser to use for matching multiple ports on multiple servers/IPs:

a) one rule for every IP/port combination
b) two rules for every server, one for TCP and one for UDP (assuming I only have to match UDP and TCP stuff).

(The whole scenario is the following: I generate rules to regulate access to different services. Every service is translated into its own chain. Therein I generate a matrix of hosts running this service and ports related to it - like a).)

As there are some services with ~20 ports (think: Windows(r) DC) there might be some advantage in choosing the faster way.

Is there any "benchmark" which might enlighten me as to which way to use?

Any comments?

Thanks in advance

Ciao
Max
--
Follow the white penguin.
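
The two layouts from the question, generated side by side so the rule counts per service chain can be compared; this is an added example, not part of the original post and not alff code. It assumes layout b) is built with the iptables `multiport` match, which accepts at most 15 ports per rule, so a service with more ports needs more than one rule per protocol; the chain name, addresses and port lists are constructed sample data.

```shell
#!/bin/sh
# Constructed sample data: one service, two hosts, 17 TCP and 7 UDP ports.
CHAIN="svc_dc"                      # hypothetical per-service chain
HOSTS="192.0.2.10 192.0.2.11"       # documentation addresses (RFC 5737)
TCP_PORTS="53 88 135 139 389 445 464 636 3268 3269 49152 49153 49154 49155 49156 49157 49158"
UDP_PORTS="53 88 123 137 138 389 464"

# Layout a): one rule for every host/port combination.
rules_per_combo() {
    for h in $HOSTS; do
        for p in $TCP_PORTS; do
            echo "iptables -A $CHAIN -d $h -p tcp --dport $p -j ACCEPT"
        done
        for p in $UDP_PORTS; do
            echo "iptables -A $CHAIN -d $h -p udp --dport $p -j ACCEPT"
        done
    done
}

# Helper for layout b): multiport rules for one host and protocol,
# split into batches of 15 ports (the multiport per-rule limit).
multiport_rules() {                 # $1=host  $2=proto  $3...=ports
    host=$1; proto=$2; shift 2
    batch=""; n=0
    for p in "$@"; do
        batch="${batch:+$batch,}$p"; n=$((n + 1))
        if [ "$n" -eq 15 ]; then
            echo "iptables -A $CHAIN -d $host -p $proto -m multiport --dports $batch -j ACCEPT"
            batch=""; n=0
        fi
    done
    if [ -n "$batch" ]; then
        echo "iptables -A $CHAIN -d $host -p $proto -m multiport --dports $batch -j ACCEPT"
    fi
}

# Layout b): per host, one multiport rule set for TCP and one for UDP.
rules_multiport() {
    for h in $HOSTS; do
        multiport_rules "$h" tcp $TCP_PORTS
        multiport_rules "$h" udp $UDP_PORTS
    done
}

# Only prints the rules and their counts; nothing is loaded into the kernel.
echo "layout a): $(rules_per_combo | grep -c '^iptables') rules"
echo "layout b): $(rules_multiport | grep -c '^iptables') rules"
rules_multiport
```

Since a chain is walked rule by rule, the number of rules a non-matching packet has to pass is the figure to compare between the two outputs.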