** Reply to message from David Durst <ddurst@larubber.com> on Sun, 01 Dec 2002 15:22:02 -0800 (PST) > >>But then again you may want to think twice about using a DEFAULT DROP > >> firewall, DEFAULT DROP uses alot of resources for packets you might > >> just be able to ignore. > > > > That is false. > > > > DROP means "drop this packet on the floor and do not process it", which > > is the least resource using of the bunch. > > > >>I you would like to understand more drop a line to me. > > > > LOL > > > Mike, I would rather not respond to any of your posts but I think in > this case I am forced to. BTW - LOLs at typos are not needed. > > Mike by the very nature of what you stated about DROP it does have to DOOOOO > something, yes it has to drop it - but then again why DROP a packet or even > bother with inserting a rule if the packet won't do anything in the first > place. > > I think the policy of just IGNORE packets that do nothing is the best. Oh, please tell me where I can find this IGNORE target. Are you playing with your own iptables source code? jb -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
