Open mateo8a opened 1 year ago
@mateo8a another great suggestion! I'm not a pf expert but may look into it sometime, if nobody else beats me to it :)
Although honestly, I've thought for a while now that it'd be best if we just migrate the whole app to a network extension (which didn't exist when I was last rehauling the blocking engine). It'd be a lot cleaner/simpler and allow much more granular blocking. So I'll probably just go for that instead of spend too much time on the existing engine.
As per the man pages of pf.conf,
Currently, self-control lists two individual rules for each IP it blocks. If a user has few websites blocked then the current way of doing things should not be an issue, but if a user has a ton of websites blocked, then there might be performance issues.
To increase performance, using tables would be a more optimal way of implementing the packet filter rules in
pf.anchors/org.eyebeam
.