| Performance request - bind traffic rules to interfaces [message #152381] |
Fri, 05 August 2022 16:30 |
tverweij
Messages: 86
Registered: March 2010
Location: Curacao
|
|
|
|
The traffic rules have now a source, a destination and an action.
In a lot of cases, I have rules on an IP Group as source.
I all of those cases I know where those connections come from (most of the time: Internet interfaces), but I have no way to specify this.
And because I can not specify this, the traffic rule is checked for all interfaces - and those checks cost performance.
An example:
Source: IPGroup "My Blocked addresses"
Destination: Firewall
Action: Drop
I know that those blocked addresses will always come from the internet, but when I make a connection from a trusted interface to the internet, this rule is executed, wasting resources.
To solve this, we need an extra column where we can specify the interfaces that this rule is bound to (default any interface), so we can prevent processing for no reason.
|
|
|
|
Members
Search
Help
Register
Login
Home
