On 14 Feb 2005, Aditya Datey wrote:
> I also had to enable the 'trust eth0' box to make it work.
... but make sure that you understand what the implications are. If
there is _any_ netfilter rule, _all_ IP traffic has to be checked in
order to decide whether to allow it or not. Depending on the number
and types of rules, this might seriously decrease performance, as the
CPU might spend lots of time checking each packet against the rules.
--
Bogdan Costescu
IWR - Interdisziplinaeres Zentrum fuer Wissenschaftliches Rechnen
Universitaet Heidelberg, INF 368, D-69120 Heidelberg, GERMANY
Telephone: +49 6221 54 8869, Telefax: +49 6221 54 8868
E-mail: Bogdan.Costescu_at_[hidden]
|
