[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: firewall tunning

On Fri, Aug 06, 2004 at 09:57:29AM +0800, adriankok2000_(_at_)_yahoo_(_dot_)_com_(_dot_)_hk said:
> Hi all
> I only used my openbsd as firewall and bridge
> how do I tune my whole machine for this purpose only?
> What are the limitation of the firewall and bridge?
> and how can I monitor the firewall box also
> Behind the openbsd box, I have 80 machines

without specifying what kind of network you have, what kind of traffic is
going in and out, and what kind of monitoring you want to do, it's hard to
give a very helpful answer.

Chances are, the answer is, "you don't. The OS is as 'tuned' as it likely
needs to be for your situation right out of the box." I'd tell you to turn
off everything you don't need, but ... :)

If you're not currently having performance issues, my advice is to leave well
enough alone, until you understand exactly what you're trying to accomplish
in 'tuning' the machine, and why.
       Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527
<CaffeineHead> We have enough youth. What we need is a fountain of smart.
-- http://bash.org/?70562

[demime 0.98d removed an attachment of type application/pgp-signature]