How would I know if IPF is the problem? I stole the IPF rules from 2 of the IPF examples in /usr/share/examples/ipf
On Thu, Jul 1, 2021 at 9:39 PM Brett Lymn <bl...@internode.on.net> wrote: > > On Thu, Jul 01, 2021 at 07:05:13PM -0400, Todd Gruhn wrote: > > Is there a way to order IPF-rules so I can get on gmail quicker? > > What about speeding up network access in general? > > A couple of thoughts: > > 1) are you sure it is ipf causing the issue? How is gmail without the > firewall on? I wouldn't expect a performance impact from ipf unless > your firewalling is very complex. > > 2) are you sure your rules are correct? A particularly favourite > hobby-horse of mine is people blocking DNS over tcp/53 due to the > totally WRONG belief that only dns zone transfers use tcp/53. This is > WRONG (did I say wrong?) - if a DNS response won't fit into a UDP packet > then the DNS server will reply to the client telling it to try over tcp. > If your firewall doesn't allow that to happen there may be delays in > name resolution which could cause the appearance that gmail is slow. > > -- > Brett Lymn > -- > Sent from my NetBSD device. > > "We are were wolves", > "You mean werewolves?", > "No we were wolves, now we are something else entirely", > "Oh"
