On Thu, Jul 01, 2021 at 07:05:13PM -0400, Todd Gruhn wrote: > Is there a way to order IPF-rules so I can get on gmail quicker? > What about speeding up network access in general?
A couple of thoughts: 1) are you sure it is ipf causing the issue? How is gmail without the firewall on? I wouldn't expect a performance impact from ipf unless your firewalling is very complex. 2) are you sure your rules are correct? A particularly favourite hobby-horse of mine is people blocking DNS over tcp/53 due to the totally WRONG belief that only dns zone transfers use tcp/53. This is WRONG (did I say wrong?) - if a DNS response won't fit into a UDP packet then the DNS server will reply to the client telling it to try over tcp. If your firewall doesn't allow that to happen there may be delays in name resolution which could cause the appearance that gmail is slow. -- Brett Lymn -- Sent from my NetBSD device. "We are were wolves", "You mean werewolves?", "No we were wolves, now we are something else entirely", "Oh"
