[ILUG] Firewall Overhead.
Dermot Hanley
dhanley at irish-times.com
Wed Jun 28 11:35:49 IST 2000
On Wed, Jun 28, 2000 at 02:21:14AM +0100, Smelly Pooh wrote:
> > suprised me too, but that's what i remember alan cox posting to
> > linux-kernel, 64KB iirc[2].
>
> lets not introduce anymore unsubstantiated recollections here OK? I'd rather
> not beat around the bush with every made up memory you may or may not have
The stateful inspection firewall I know best is CheckPoint FW-1 and it's stated
[1] that each connection takes 60 bytes of memory. If a connection requires
NAT, an additional 120 bytes are needed. If a connection is logged in
accounting mode, an extra 72 bytes are needed.
[1] http://www.phoneboy.com/fw1/faq/0088.html
Dermot
--
Dermot Hanley, Systems & Network Administrator
Irish Times New Media - http://www.ireland.com
More information about the ILUG
mailing list