[LARTC] Hardware Configuration Ideas
Peter Surda
surda at shurdix.com
Tue Aug 16 19:21:02 CEST 2005
Also,
....
On Tue, 16 Aug 2005 11:38:06 -0500 "Taylor, Grant" <gtaylor at riverviewtech.net>
wrote:
>+If you are not doing much in the way if *VERY* *ADVANCED*
>+firewalling, just basic source and / or destination IP v
>alidation and / or source and / or destination port validation will not need
>+much of a processor. In fact I'd try it with a 500 MHz to 1 GHz system, what
>+ever is the most economical that you can get your hands on.
Yes. In fact most cases of "advanced" firewalling only mean that you have a
stupid fw-design, like hundreds/thousands of rules in one chain :-). Usually can
be optimised by using sub-chains, ipset and/or ipt_ACCOUNT.
Yours sincerely,
Peter
--
http://www.shurdix.org - Linux distribution for routers and firewalls
More information about the LARTC
mailing list