Firewall rules in c++


Architect
02-22-2006, 01:22 AM
I was wondering how rules can be efficiently stored in a firewall so that it is fast and efficient when packets arrive.
For example, if I have a firewall where rules are stored on the basis of priority alone, it could be inefficient when different types of packets arrive.
A UDP packet might have to go through rules that are specific to TCP packets, etc.
Instead, would it be better to store rules based on the packet types they apply to (as a primary key) and then, within that, based on their priority (a secondary key, sort of)? If so, how can this be implemented efficiently?

Any ideas would be great. TIA

je_fro
02-22-2006, 02:25 AM
I'd use iptables to sort the packets to their respective rulesets based on packet type...
But that's not C++...

Architect
02-25-2006, 05:06 AM
Any other C/C++ ideas on how to implement firewall rules efficiently?

flukshun
02-25-2006, 03:37 PM
just model it like iptables/netfilter...


if (packet.table() == "INPUT") {
    if (packet.type() == "TCP") {
        // run it through tcp ruleset
    }
    else if (packet.type() == "UDP") {
        // run it through udp ruleset
    }
    // so on and so forth...
}

or whatever
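
The scheme Architect asks about (protocol as the primary key, priority as the secondary key) and the dispatch flukshun sketches, written out as a small working C++ class. This is an added example, not code from either poster or from netfilter; the names Firewall, Rule, Packet, Proto, Action, build_example and the sample addresses and rules are all assumptions made up here. It goes one step beyond the question: a rule that applies to every protocol (such as "drop everything from this subnet") cannot live in one protocol bucket, so it is kept in a separate sorted list and merged by priority at lookup time, otherwise bucketing silently loses it. Semantics are iptables-like: first match in priority order wins, and the default policy applies if nothing matches.

```cpp
// Added example, not code from the thread: rules bucketed by protocol
// (primary key) and kept sorted by priority (secondary key); first match
// wins, otherwise the default policy applies, as in an iptables chain.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <map>
#include <vector>

enum class Proto : std::uint8_t { ICMP = 1, TCP = 6, UDP = 17 };
enum class Action { Accept, Drop };

struct Packet {
    Proto proto;
    std::uint32_t src_ip;    // host byte order
    std::uint16_t dst_port;  // 0 for ICMP
};

struct Rule {
    int priority;            // lower number = evaluated first
    std::uint32_t src_net;   // source prefix, host byte order
    std::uint32_t src_mask;  // 0 = any source
    std::uint16_t dst_port;  // 0 = any port
    Action action;

    bool matches(const Packet& p) const {
        if ((p.src_ip & src_mask) != (src_net & src_mask)) return false;
        if (dst_port != 0 && dst_port != p.dst_port) return false;
        return true;
    }
};

class Firewall {
public:
    explicit Firewall(Action default_policy) : default_(default_policy) {}

    // Protocol-specific rule: a UDP packet never walks the TCP bucket.
    void add(Proto proto, const Rule& r) { insert_sorted(rules_[proto], r); }

    // Protocol-agnostic rule. Bucketing by protocol would lose it, so it
    // lives in its own sorted list and is merged in by priority on lookup.
    void add_any(const Rule& r) { insert_sorted(any_, r); }

    Action decide(const Packet& p) const {
        static const std::vector<Rule> none;
        auto it = rules_.find(p.proto);
        const std::vector<Rule>& spec = (it == rules_.end()) ? none : it->second;
        std::size_t i = 0, j = 0;
        // Merge-walk both sorted lists so global priority order is kept;
        // on a tie the protocol-specific rule is evaluated first.
        while (i < spec.size() || j < any_.size()) {
            const Rule* r;
            if (j == any_.size() ||
                (i < spec.size() && spec[i].priority <= any_[j].priority))
                r = &spec[i++];
            else
                r = &any_[j++];
            if (r->matches(p)) return r->action;  // first match wins
        }
        return default_;  // nothing matched: chain policy
    }

private:
    static void insert_sorted(std::vector<Rule>& bucket, const Rule& r) {
        // upper_bound keeps rules of equal priority in insertion order
        auto pos = std::upper_bound(bucket.begin(), bucket.end(), r,
            [](const Rule& a, const Rule& b) { return a.priority < b.priority; });
        bucket.insert(pos, r);
    }
    Action default_;
    std::map<Proto, std::vector<Rule>> rules_;
    std::vector<Rule> any_;
};

// Constructed sample data for the example (not a real ruleset).
constexpr std::uint32_t ip(int a, int b, int c, int d) {
    return (std::uint32_t(a) << 24) | (std::uint32_t(b) << 16) |
           (std::uint32_t(c) << 8) | std::uint32_t(d);
}

Firewall build_example() {
    Firewall fw(Action::Drop);  // default deny
    fw.add_any({10, ip(10, 66, 0, 0), ip(255, 255, 0, 0), 0, Action::Drop});  // block 10.66/16 for all protocols
    fw.add(Proto::TCP, {20, 0, 0, 22, Action::Accept});    // ssh from anywhere else
    fw.add(Proto::TCP, {30, 0, 0, 443, Action::Accept});   // https
    fw.add(Proto::UDP, {20, ip(10, 0, 0, 0), ip(255, 0, 0, 0), 53, Action::Accept});  // dns from 10/8
    fw.add(Proto::ICMP, {20, 0, 0, 0, Action::Accept});
    return fw;
}

int main() {
    Firewall fw = build_example();
    Packet p{Proto::TCP, ip(192, 0, 2, 7), 22};
    std::cout << (fw.decide(p) == Action::Accept ? "accept" : "drop") << '\n';
    return 0;
}
```

Lookup cost is one map search on the protocol plus a linear walk over only that protocol's rules and the protocol-agnostic ones, which is the saving the question is after. The merge step is what keeps the priority semantics honest: in build_example the subnet block at priority 10 still beats the TCP accept at priority 20 even though they sit in different lists.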