OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: Dueliest on November 21, 2020, 03:52:11 pm

Title: netmap-ipfw or netmap + ipfw?
Post by: Dueliest on November 21, 2020, 03:52:11 pm

Sorry for my ignorance but I have been reading up on this opnsense and its technologies but I cant seem to find documentation about current implementations. It seems the most recent update has enabled netmap across the board but all the attention seems to be on Sensei and Suricata usage. Can anyone tell me if theses changes include the userland version of ipfw or is it still the kernel version?

Reference here: https://github.com/luigirizzo/netmap-ipfw


Also is information like code implementations changes on a per update basis published, and if so where?

Title: Re: netmap-ipfw or netmap + ipfw?
Post by: mimugmail on November 21, 2020, 04:44:55 pm

No changes to ipfw, it's also only used for QoS and Captive Portal, If you use none of them it's not loaded (if shared forwarding is disabled).

Firewall rules are handled by pf which is known not to be fastest implememtation, thats why netmap is only mentioned in combination with suri or sensei

Title: Re: netmap-ipfw or netmap + ipfw?
Post by: Dueliest on November 21, 2020, 10:37:51 pm

I guess the real question then is what is the current system (program, protocol, framework) used for packet IO if not netmap?