So i should prefer iptables rather than squid in filtering sites? Thanks.
'Jopoy Mensahe ni Norbert P. Copones... >> For basic packet filtering (iptables, ipfw and ipfilter)...imho, I >> don't think either one is significantly faster than the other :-) > > in "stateless" filtering, especially with increasing rule size. iptables > may perform faster than ipf. i have also read some technical issues > regarding this and daniel hartmeier's presentation on usenix 2002. > >> (I don't feel the same way about Linux's IP masq vs NATD though) ;-) > > same feeling with ipmasq and natd (except ipnat ;-) > although i prefer pf on my nat and firewall boxes (btw, this is only my > personal preference :-) > >> Also, the way you write the rules and organize *might be a factor too. >> (Although I'm thinking about the way ipfilter process its rules here) > > true. the way rules are written can be a factor too (e.g. i can > skip-step to optimize my pf rules). the way ipf process rules may be > different from iptables (especially on stateful ruleset). > > cheers! > > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie ----------------------- University of Baguio General Luna Road Baguio City Philippines 2600 Phone: +63(74)442-3540 Fax: +63(74)442-3071 http://www.ubaguio.edu -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
