Re: Weird Problem with TCP

From: Andre Tomt
Date: Sun Sep 05 2004 - 19:44:14 EST

Next message: Eric Mudama: "Re: HDD LED doesn't light."
Previous message: William Lee Irwin III: "Re: [PATCH] lighten mmlist_lock"
In reply to: Rohit Neupane: "Re: Weird Problem with TCP"
Next in thread: Rohit Neupane: "Re: Weird Problem with TCP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rohit Neupane wrote:

No, it is not running any session tracking (ip_conntrack) neither it
does nat. It is just a firewall with around 1600 rules in FORWARD
mangle table and around 1500 rules in FORWARD filter table. Out of
1500 rules , 1377 rules are MAC filter rules.
And it had 3 alias address for the interface conneted to the wirelss.

Ouch. Thats a lot of rules to traverse for each packet. Segment them into chains if possible. Also you may want to take a look at nf-hipac, http://www.hipac.org

--
André Tomt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric Mudama: "Re: HDD LED doesn't light."
Previous message: William Lee Irwin III: "Re: [PATCH] lighten mmlist_lock"
In reply to: Rohit Neupane: "Re: Weird Problem with TCP"
Next in thread: Rohit Neupane: "Re: Weird Problem with TCP"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]