[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF quick

To: "Simon Peres" <simon.peres@gmx.net>
Subject: Re: PF quick
From: kjell@pintday.org
Date: Fri, 22 Mar 2002 15:25:04 -0700
Cc: "OpenBSD Misc" <misc@openbsd.org>

> can someone tell me what the pros and cons are of using the "quick"
> keyword in packet filter? for example, do rules with "quick" use more
> cpu power?
> 
> or is it just a matter of taste whether someone wants to use it or not?

"quick" stops evaluating rules upon a match.
This means if rules later on in your ruleset would also have matched
the packet in question they won't get evaluated.

Without it, the last match always wins.

Technically, using quick rules should speed processing a bit,
since a match won't have to evaluate all the rules.

The gain is probably pretty minimal, though.


-kj

References:
- PF quick
  - From: "Simon Peres" <simon.peres@gmx.net>

Prev by Date: Re: Measuring PF/IPF Performance
Next by Date: Re: Make build without `games'
Prev by thread: PF quick
Next by thread: httpd and netstat
Index(es):
- Date
- Thread