What's faster? Multiple rules vs. multiport match
max at rfc2324.org
Thu Feb 15 22:37:29 CET 2007
While hacking on alff I asked myself what would be wiser to
use for matching multiple ports on multiple servers/ips:
a) one rule for every ip/port combination
b) two rules for every server, one for tcp and one for udp
(assumed I only have to match for udp and tcp stuff).
(The whole scenario is the following:
I generate rules to regulate access to different services.
Every service is translated into its own chain.
Therein I generate a matrix of hosts running this service and the ports
related to it - like a))
As there are some services with ~ 20 ports (think: Windows(r) DC)
there might be some advantage in choosing the faster way.
Is there any "benchmark" which might enlighten me which way to use?
Thanks in advance
Follow the white penguin.
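As an added example (not from the post or from alff), a shell script that prints the two rule layouts the post compares for one service chain, using a hypothetical chain name and constructed host and port lists; it also splits style b) at the multiport match's limit of 15 ports per rule, which matters for the ~20-port case.

```shell
#!/bin/sh
# Added example, not from the original post. Emits the two rule styles the
# post compares for one service chain. Chain name SVC_DC and the host/port
# lists are constructed; rules are only printed, never loaded, so this runs
# without root or netfilter.

HOSTS="10.0.0.1 10.0.0.2"
# constructed port list; 20 entries to mirror the "~20 ports" case in the post
PORTS="53 88 135 139 389 445 464 636 3268 3269 5722 9389 49152 49153 49154 49155 49156 49157 49158 49159"

MULTIPORT_MAX=15   # the multiport match accepts at most 15 ports per rule

# style a): one rule per host/port/protocol combination
rules_per_port() {
    for h in $HOSTS; do
        for p in $PORTS; do
            for proto in tcp udp; do
                echo "iptables -A SVC_DC -d $h -p $proto --dport $p -j ACCEPT"
            done
        done
    done
}

# style b): one multiport rule per host and protocol, split into chunks of
# at most MULTIPORT_MAX ports so the rule is still accepted by iptables
rules_multiport() {
    for h in $HOSTS; do
        for proto in tcp udp; do
            chunk=""; n=0
            for p in $PORTS; do
                chunk="${chunk:+$chunk,}$p"; n=$((n + 1))
                if [ "$n" -eq "$MULTIPORT_MAX" ]; then
                    echo "iptables -A SVC_DC -d $h -p $proto -m multiport --dports $chunk -j ACCEPT"
                    chunk=""; n=0
                fi
            done
            if [ -n "$chunk" ]; then
                echo "iptables -A SVC_DC -d $h -p $proto -m multiport --dports $chunk -j ACCEPT"
            fi
        done
    done
}

# number of rules a style produces for the constructed lists
count_rules() { "$1" | wc -l | tr -d ' '; }

rules_per_port
rules_multiport
echo "per-port rules: $(count_rules rules_per_port), multiport rules: $(count_rules rules_multiport)"
```

For 2 hosts, 20 ports and 2 protocols this prints 80 per-port rules against 8 multiport rules (two per host and protocol, because 20 ports do not fit into one multiport match).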