1 |
begin quote |
2 |
On Thu, 06 Jun 2002 00:22:26 -0400 |
3 |
Marko Mikulicic <marko@××××.org> wrote: |
4 |
|
5 |
|
6 |
> may I ask you why do you prefer the /proc variant ? I have no |
7 |
> prejudice on both, |
8 |
> but I'm wondering why there is some many "sysctl" based scripts |
9 |
> (in other distros). |
10 |
less spawning of programs (fewer threads == faster and less disk |
11 |
accessing on a low-ram machine ) |
12 |
implementation is simpler in many cases (less prone to error since I'm |
13 |
more used to shell syntax) |
14 |
|
15 |
|
16 |
> I thought iptables was the "IP packet filter". Ip forwarding |
17 |
> can be used for other things, like openvpn tunneling or other |
18 |
> routing stuff which doesn't depend on iptables, right? What if I don't |
19 |
> have installed iptables ? Where it should go then ? |
20 |
|
21 |
Well, net, bootmisc is one thing, but I have it in my iptables script |
22 |
because thats where I tune my other firewall/network related settings, |
23 |
syncookies, high/low ports and memory threshholds as well as my port |
24 |
forwarding and ip forwarding rules, and ecn bit settings. |
25 |
|
26 |
|
27 |
as for your idea on more scripts, I prefer to keep them less, means less |
28 |
overhead and fewer points of failure in the caching mechanism.. |
29 |
|
30 |
|
31 |
//Spider |
32 |
-- |
33 |
begin .signature |
34 |
This is a .signature virus! Please copy me into your .signature! |
35 |
See Microsoft KB Article Q265230 for more information. |
36 |
end |