|
Hi Ben,
I have posted several reasons for this in the past, some of which I can
list again here:
Thanks for explaining the reasoning behind your reservations.
Thank you for your understanding.
The last time I looked at this was a good while ago, so things might
have got better, but we did notice what you're describing, yes. It was
entirely possible to use up 100% of the CPU. But maybe for a situation
And I reckon you probably only had about a couple of dozen rules, right?
where the expected throughput is lower, it would be acceptable to use up
more CPU to gain (some kind of) stateful firewalling. Julian has
Absolutely.
mentioned that he's making progress on updating the patch, so if it can
be brought in as a compile-time option, that would be great. It does
seem that there are people who would use it.
I think it is always possible, the only problem is that right now the
only way I see it being done is using some cludgy #ifdef's and then we
will have a problem with sneaking the code past DaveM :).
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
| 