[Firehol-support] Startup time (was: Re: Masquerading happening on simple router?)

Thomas Arendsen Hein thomas at intevation.de
Fri Oct 14 18:08:46 BST 2005

* Carlos Rodrigues <carlos.efr at mail.telepac.pt> [20051014 18:25]:
> BTW, on another note, even on an Athlon 1800+, with my rules FireHOL 
> takes some 20 seconds to start (much better than the 1.5 minutes it 
> takes on my home Pentium 133 gateway :)).

I remember that someone mentioned a tool on this list which can
generate the differences between two iptables rulesets and build a
script with the necessary insert/delete commands to change a running
firewall with a minimum of iptables calls.

This way the ruleset can be generated on a fast machine and be
transferred to the (often not so fast for a good reason) firewall.

Unfortunately I can't find it at the moment.

> Startup time isn't that important (and is certainly irrelevant compared 
> to the "amazingness" of FireHOL), but I was wondering if there are any 
> plans (although not for the near future) to speed things up by maybe 
> recoding some internals in C or some other faster-than-bash-scripting 
> language.

I'd prefer a Python based solution for this :)
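
The ruleset-diff idea described in the message above, as an added example that is not part of the original post and is not the tool the poster was trying to recall. It assumes both rulesets are `iptables-save` dumps taken without `-c`; `parse_save`, `diff_rulesets` and the sample rulesets are names and data constructed for this illustration.

```python
import difflib
def parse_save(text):
    """iptables-save text -> {table: {chain: (policy, [rule specs])}}."""
    tables, table = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            table = tables.setdefault(line[1:], {})
        elif line.startswith(":"):
            table[line[1:].split()[0]] = (line.split()[1], [])
        elif line.startswith("-A "):
            _, chain, *spec = line.split(None, 2)
            table[chain][1].append(" ".join(spec))
    return tables

def diff_rulesets(old_text, new_text):
    """Commands that turn the loaded (old) ruleset into the new one."""
    old, new, cmds = parse_save(old_text), parse_save(new_text), []
    for tname, chains in new.items():
        ipt, was = f"iptables -t {tname}", old.get(tname, {})
        cmds += [f"{ipt} -N {c}" for c in chains if c not in was]  # before jumps
        for chain, (policy, rules) in chains.items():
            old_policy, old_rules = was.get(chain, ("-", []))
            if policy != old_policy:
                cmds.append(f"{ipt} -P {chain} {policy}")
            pos = 1  # 1-based index of the next rule in the live chain
            sm = difflib.SequenceMatcher(None, old_rules, rules, autojunk=False)
            for tag, i1, i2, j1, j2 in sm.get_opcodes():
                if tag != "equal":  # insert the new rules, then delete the old
                    cmds += [f"{ipt} -I {chain} {pos + k} {s}".rstrip()
                             for k, s in enumerate(rules[j1:j2])]
                    cmds += [f"{ipt} -D {chain} {pos + j2 - j1}"] * (i2 - i1)
                pos += j2 - j1
        cmds += [f"{ipt} -{op} {c}" for c in was if c not in chains for op in "FX"]
    return cmds

# Constructed sample rulesets in iptables-save format (saved without -c).
OLD = """*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
COMMIT"""
NEW = """*filter
:INPUT DROP [0:0]
:LOGDROP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -j LOGDROP
-A LOGDROP -j DROP
COMMIT"""
```

Chains missing from the new dump are flushed (`-F`) and deleted (`-X`) after the rule changes, and tables absent from the new dump are left untouched. `diff_rulesets(OLD, NEW)` returns five commands for the sample data, against the nine-line dump a full reload would replay.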


