Displaying 1 result from an estimated 1 matches for "kadlec_at_blackhole".
2007 Apr 18
0
[Bridge] Re: [Ebtables-user] Trying to do gigabit bridging+firewalling
...e already knows what
> the cause might be.
>
> Thanks in advance for any help you can provide,
>
> Peter :)
My guess would be it's connection tracking that eats your performance. What
happens if you disable it (compile time option)?
Unless I'm mistaken, Jozsef Kadlecsik <kadlec_at_blackhole.kfki.hu> wrote a
target that lets you disable connection tracking for certain packets. Check
out the netfilter devel mailing list. Connection tracking on a bridging
firewall is extra slow because packets that won't be bridged (because they're
destined for the same side of the bridge)...