Hi,

>Has anyone ever researched the latency of xtables when a Linux box
>functions as a firewall?

This paper is a nice read:
http://www.google.com/url?sa=t&source=web&cd=6&ved=0CE0QFjAF&url=http%3A%2F%2Fcourseware.ee.calpoly.edu%2F3comproject%2FPublished%2520Papers%2Fsecurity.pdf&rct=j&q=iptables%20netfilter%20latency%20paper%20pdf&ei=2pI_Tu-VKITJswbov5Qg&usg=AFQjCNFjUZwGHDhdBhtxwQgqlQbYCMjBFw&cad=rja

It's very detailed on the issue of rule overhead (Conclusion 5.1 b).
Unfortunately the paper is from 2002. Since then most of the code was
rewritten. Maybe we, as the netfilter community, should lobby some
university professor to let his students do a *remake* of this work ;-).
Anyone here with ties to the education sector?

Best regards,
Marek Kierdelewicz