Re: Restricting Internet Access

To: debian-user@lists.debian.org
Subject: Re: Restricting Internet Access
From: Celejar <celejar@gmail.com>
Date: Wed, 28 Oct 2009 19:11:10 -0400
Message-id: <[🔎] 20091028191110.f90c369d.celejar@gmail.com>
In-reply-to: <[🔎] 200910280721.19095.bss@iguanasuicide.net>
References: <[🔎] 200910181841.09748.d_baron@012.net.il> <[🔎] 200910271609.15928.bss@iguanasuicide.net> <[🔎] 20091028011429.38cb199f.celejar@gmail.com> <[🔎] 200910280721.19095.bss@iguanasuicide.net>

On Wed, 28 Oct 2009 07:21:13 -0500
"Boyd Stephen Smith Jr." <bss@iguanasuicide.net> wrote:

...

> I disagree on the last point.  It could simply be an incompatibility
> between Shorewall and I.  I find the RAW iptables rules clear and
> rational, I don't see the need to obfuscate them.

Fair enough - to each his own, I guess.
 
> Also, it doesn't matter on modern desktops, but my iptables ruleset
> is significantly smaller than the equivalent Shorewall iptables
> ruleset.  That saves kernel memory (a miniscule amount) and CPU time
> per packet.

I had thought that you might have something like this in mind - after
all, there are still people who prefer to code in assembler, since it
can yield smaller, tighter code ...

;)

Celejar
-- 
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to:

References:
- Restricting Internet Access
  - From: David Baron <d_baron@012.net.il>
- Re: Restricting Internet Access
  - From: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>
- Re: Restricting Internet Access
  - From: Celejar <celejar@gmail.com>
- Re: Restricting Internet Access
  - From: "Boyd Stephen Smith Jr." <bss@iguanasuicide.net>

Prev by Date: Re: [OT] Facebook-like blogging software
Next by Date: Re: HP G60-249WM Notebook overheats (on lenny)
Previous by thread: Re: Restricting Internet Access
Next by thread: Re: Restricting Internet Access
Index(es):
- Date
- Thread