Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Firewall Rules Optimization
« previous
next »
Print
Pages: [
1
]
Author
Topic: Firewall Rules Optimization (Read 2593 times)
XeroX
Full Member
Posts: 114
Karma: 7
Firewall Rules Optimization
«
on:
September 03, 2020, 07:59:04 pm »
Hello @Firewall Advanced Settings, I can find "Firewall Rules Optimization". It allows None, Basic and Profile.
I searched for pfctl and found the exact same description. What is it exactly doing on "Profile"?
What is the best setting for maximum optimization if I've spare memory and processor time?
Cheers
«
Last Edit: September 03, 2020, 11:13:38 pm by XeroX
»
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: Firewall Rules Optimization
«
Reply #1 on:
September 04, 2020, 08:03:00 am »
it's not really about hardware. just an attempt to arrange the order of the rules (and some rules "cleaning") to reduce the number of iterations.
so if you have no doubts about the correctness of the optimization or special strict conditions for the order of applying the rules, just leave it at the default.
As far as I understand, the "profile" is trying to additionally change the order of the rules with the quick directive, based on real traffic statistics. (that is, this is a "basic" plus additional optimization of quick rules).
good reading:
http://undeadly.org/cgi?action=article&sid=20060927091645
Logged
XeroX
Full Member
Posts: 114
Karma: 7
Re: Firewall Rules Optimization
«
Reply #2 on:
September 05, 2020, 02:37:08 pm »
Thanks alot.
Really good article about pfctl.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Firewall Rules Optimization