Re: Restricting Internet Access
On Wed, 28 Oct 2009 07:21:13 -0500
"Boyd Stephen Smith Jr." <bss@iguanasuicide.net> wrote:
...
> I disagree on the last point. It could simply be an incompatibility
> between Shorewall and I. I find the RAW iptables rules clear and
> rational, I don't see the need to obfuscate them.
Fair enough - to each his own, I guess.
> Also, it doesn't matter on modern desktops, but my iptables ruleset
> is significantly smaller than the equivalent Shorewall iptables
> ruleset. That saves kernel memory (a miniscule amount) and CPU time
> per packet.
I had thought that you might have something like this in mind - after
all, there are still people who prefer to code in assembler, since it
can yield smaller, tighter code ...
;)
Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: