>> The buffer has to be copied to main memory and the header
>> checksummed whatever happens. On a packet that matches the
>> firewall no further processing is done
> Hmm, what lasts longer, matching against the firewall or
> calculating the checksum? If checksumming takes longer what about
> doing the firewall matching first?
As I understand it, the header checksum HAS to be done first since
it's there to verify that the packet is valid in the first place.
Until that validation has been done, the details in the header are
meaningless.
Best wishes from Riley.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/