On Wed, Jun 2, 2010 at 5:36 AM, Per Buer <pe...@varnish-software.com> wrote: > On Tue, Jun 1, 2010 at 9:59 PM, Chris Buechler <cbuech...@gmail.com> wrote: > >> One other consideration with any HTTP load testing with stateful >> firewalls is to be careful with your methodology. (..) > > Is there a way to bypass the state tracking for a specific packet? >
You can change the state type to "no state" on any firewall rule. Ensure you have "no state" rules matching the reply traffic as well. I don't think that will make much difference though, the overhead isn't really in state tracking as much as it's in filtering in general. You're still running it through the packet filter. If you just want something really fast, disable PF entirely and you have a dramatically faster router that can't filter any traffic. That's the only thing that will be a considerable performance improvement. What kind of throughput are you seeing when the CPU is pegged? --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
