Contributed by grey on from the henning gets his beer back dept.
Due to Mike Frantzen's work, pfctl optimizer is official in OpenBSD current sources. The Pfctl optimizer features:
'pfctl -o' ruleset optimizer that doesnt change the meaning of the final ruleset - remove identical and subsetted rules - when advantageous merge rules w/ similar addresses into a table and one rule - re-order rules to improve skip step performance (can do better w/ kernel mods) - 'pfctl -oo' will load the currently running ruleset and use it as a profile to direct the optimization of quicked rules
See the complete CVS commit log entry archived here for details.
(Comments are closed)
By Frank Denis (213.41.131.17) on http://00f.net
Comments
By Andreas Kahari (193.62.198.94) on