|
||||||||
On Wed, Sep 7, 2011 at 5:41 PM, Tonix (Antonio Nati) <tonix at interazioni dot it>wrote: > Il 07/09/2011 22:32, Joey Morin ha scritto: > > On Wed, Sep 7, 2011 at 11:53 AM, Tonix (Antonio Nati) >> <tonix at interazioni dot it>wrote: >> >> With this small change manageability would become fantastic for ISP >>> environments. >>> Rules would be much less, and general speed of monowall would be better. >>> >>> while i agree that this kind of feature would be much easier to manage >> and >> maintain (especially in a situation with soooo many interfaces), it's >> unlikely that it would improve performance. i suspect that the >> configuration feature you seek would still need to generate individual >> rules >> for each interface, either at configuration time or dynamically at run >> time. >> >> > Why? > i assumed that ipfilter would manage queues for each interface, rather than one big queue for the whole box. |