[wellylug] Blocking bad IPs from server
andrej at paradise.net.nz
andrej at paradise.net.nz
Fri Jan 26 16:22:56 NZDT 2007
Quoting andrej at paradise.net.nz:
> > so I'm wondering if it's feasable to add so
> > many IPs to iptables. Wouldn't this have a performance impact?
> With a 2000-3000 rules I probably wouldn't be too worried, but I
> haven't done any performance tests on IP tables with large numbers
> of rules ...
In this I assume that you're not trying to route the traffic for
many many clients over a high-speed connection but that the machine
iptables is running on a firewall/router that protects maybe a hand-full
of boxes and is hooked up to the internet on a 10mbit/s connection :}
In other cases I'd beg to differ!
Cheers,
Andrej
More information about the wellylug
mailing list