Firewalls: Re: CERN httpd vs http-gw

Firewalls
(February 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: CERN httpd vs http-gw
From:	David Miller <isdmill @ gatekeeper . ddp . state . me . us>
Date:	Mon, 13 Feb 1995 12:32:07 -0500 (EST)
To:	Ken Hardy <ken @ bridge . com>
Cc:	Brent Chapman <Brent @ greatcircle . com>, rens @ imsi . com, tpaquett @ aec . ca, firewalls @ greatcircle . com, bdrennin @ plaind . com
In-reply-to:	<Pine . SUN . 3 . 90 . 950210215617 . 14000A-100000 @ ignatz>

On Fri, 10 Feb 1995, Ken Hardy wrote:

> On Fri, 10 Feb 1995, David Miller wrote:
> > 
> > Why wouldn't you use simple software created for the task of access 
> > control to secure access control, like tcp_wrappers or netacl?
> > 
> 
> It is possible but not recommended to run the CERN httpd from inetd
> because of the overhead to spawn it so often; it's more efficient to have
> it running in daemon mode and have it fork itself for new connections as
> it's already processed its config file, and the image is already in core. 
> This is even more important now, IMHO, with the proliferation of Netscape,
> which asks for _lots_ of URLs at once.


Very good point.  Twas an oversight on my part, honest:)

> 
> Http-gw & plug-gw are much more lightweight, so it's not _as_much_ a 
> concern running them from inetd.  Don't have any empirical measurements, 
> though.
> 
> -- KH
> 
> 
> 

----------------------------------------------------------------------------
		It's *amazing* what one can accomplish when 
		    one doesn't know what one can't do!

References:

Re: CERN httpd vs http-gw
From: Ken Hardy <ken @ bridge . com>

Indexed By Date	Previous:	Re: UDP port significance From: Robert Sargent <sargent @ SGT . COM>
Indexed By Date	Next:	Re: UDP port significance From: Oliver Friedrichs <iceman @ MBnet . MB . CA>
Indexed By Thread	Previous:	Re: CERN httpd vs http-gw From: Ken Hardy <ken @ bridge . com>
Indexed By Thread	Next:	Re: CERN httpd vs http-gw From: Tom Fitzgerald <fitz @ wang . com>