Firewall Wizards mailing list archives

Re: Firewall performance

From: Mike Shaver <shaver () mozilla org>
Date: Tue, 29 Jun 1999 10:56:22 -0400

Darren Reed wrote:

In some email I received from David C Niemi, sie wrote:

and there is a special case to do
direct NIC-to-NIC transfers with certain hardware to cut out one of those
DMAs (if I understand NET_FASTROUTE option correctly).


So how do you firewall packets which go from one NIC to the other, directly ?


If you turn on firewalling, you don't get fastroute:

CONFIG_NET_FASTROUTE
  Saying Y here enables direct NIC-to-NIC (NIC = Network Interface
  Card) data transfers, which is fast.

    *** This option is NOT COMPATIBLE with several important ***
    *** networking options: especially CONFIG*FIREWALL.      ***

Mike

-- 
1673974.39 1558509.83

Current thread:

Re: Firewall performance, (continued)
- Re: Firewall performance Chris Brenton (Jun 23)
- Re: Firewall performance Lance Spitzner (Jun 23)
- Re: Firewall performance Carric Dooley (Jun 25)
- RE: Firewall performance Choi, Byoung (Jun 23)
- RE: Firewall performance sean . kelly (Jun 23)
- RE: Firewall performance Marcus J. Ranum (Jun 23)
  - RE: Firewall performance David LeBlanc (Jun 28)
- RE: Firewall performance Ryan Russell (Jun 24)
  - RE: Firewall performance David C Niemi (Jun 28)
    - Re: Firewall performance Darren Reed (Jun 29)
    - Re: Firewall performance Mike Shaver (Jun 29)
    - Re: Firewall performance Darren Reed (Jun 29)
  - RE: Firewall performance David LeBlanc (Jun 28)
- Re: Firewall performance Robert Graham (Jun 28)
- RE: Firewall performance Robert Graham (Jun 28)
- Re: Firewall performance Sean Costello (Jun 28)