Re: PF gateway performance
Hi All: With some not *too* crappy nic cards i have gotten nearly 90Mb Xfer rates with OpenBSD3.2 WITH pf blocking some traffic. Another thing you might look at is whether your connection is 100BaseTX Full-Duplec. You should be able to do better than 3mb even with RL cards. Marina Brown On Wed, 19 Feb 2003, Daniel Hartmeier wrote: > On Mon, Feb 17, 2003 at 12:20:51PM +0100, Ed White wrote: > > > It was a FTP transfer between .1.10 and .2.10 and got 3 Mbyte/s as max > > transfer rate and the console was not responsive. > > Using a switch (instead of the box) I jumped to 6.5 Mbyte/s. > > Repeat the same test with pf disabled (pfctl -d). I'm almost sure it > won't make any difference, so the bottleneck isn't pf but the nics. > > Daniel > > >
Re: RFC: libpf, simplifying pf(4) access to userland apps
On Thu, 09 Jan 2003, Srebrenko Sehic wrote: > > 4) I've never used authpf, but I wonder why authpf does not > > call the pfctl binary, to have the benefit of code reuse without > > that tricky sharing of files. Combining binaries is usually the > > Unix way, I believe. > > pfctl does not support inserting rules on the fly and authpf needs that. > On the other hand, the overhead of having that would be too big. > I run an ISP that is almost totally OpenBSD. While i understand the need for pfctl to be lightweight, it would be VERY nice to have a utility to add or delete a temporary rule when an attack is on. ...Guess i should take a look at the authpf and pfctl code Marina Brown > // haver -- == "Speculators may do no harm as bubbles on a steady stream of enterprise. But the position is serious when the enterprise becomes the bubble on a whirlpool of speculation. When the capital development of a country becomes a by-product of the activities of a casino, the job is likely to be ill-done". John Maynard Keynes. "The General Theory of Employment, Interest and Money". 1936 ===
authpf in Current and 3.3
Hi All: Will binat and altq work with authpf in the coming release ? I am planning a wireless network that will use authpf to limit users. I would like VERY much to be able to load altq rules for each user. Marina Brown -- == "Speculators may do no harm as bubbles on a steady stream of enterprise. But the position is serious when the enterprise becomes the bubble on a whirlpool of speculation. When the capital development of a country becomes a by-product of the activities of a casino, the job is likely to be ill-done". John Maynard Keynes. "The General Theory of Employment, Interest and Money". 1936 ===