Sangeeta Misra wrote: >>> This wquld probably mean that at ip_input() we check to see if packet >>> is ssh protocol, if its not, we match the packets dest port and >>> protocol to those that show up in lb rules or else drop the packet. >> >> Why not just configure IP Filter with a ruleset to handle this? >> >> Erik > Possibly perf reason?
If IP Filter has performance issues, then let's work on those instead of
trying to create a new piece of IP Filter code.
Erik
