Re: How's the nforce4 support in Linux?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2005-03-24 at 10:00 +0000, Asfand Yar Qazi wrote:
> Arjan van de Ven wrote:
> >>* "hardware firewall" -- sounds silly.  Pretty sure Linux doesn't support
> >>it in any case.
> >>
> > 
> > 
> > probably just one of those things implemented in the binary drivers in
> > software, just like the "hardware" IDE raid is most of the time (3ware
> > being the positive exception there)
> > 
> 
> http://www.neoseeker.com/Articles/Hardware/Previews/nvnforce4/3.html
> 
> You're right there - some semi-hardware support combined with drivers 
> apparently result in lower CPU usage that software firewalls.  Apparently.

lower CPU usage than the *windows* firewall.
While there is a potential gain from a firewall function on the other
side of the PCI bus, this gain is when you reject most packets. Eg you
save "bad" packets from going over the bus. Now the question is how many
bad packets do you get per second...

> However one feature that you can't laugh at is the fact that it can be 
> made to block packets in the span of time between the OS being loaded 
> up, and the "real" firewall coming up.  This small time span 
> theoretically leaves the PC vulnerable, so I think this is the only 
> use for "ActiveAmor Firewall".

This is a joke right? In linux at least, the OS doesn't get packets
unless it asks for it; I can't imagine any other OS doing that
differently (since most are somewhat based on the same model). And all
linux distros I know of first install the firewall rules and then tell
the NIC to start receiving packets. In that order. I don't know how
windows does it (and I don't care), but if it gets this wrong it would
be a really bad bug in windows. But I guess it'd give the chipset
marketing people something to boast about ;)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux