[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables -A or iptables -I?

also sprach Martin G.H. Minkler <dukeofnukem@gmx.net> [2004.10.19.1907 +0200]:
> The background to my question is a 1.4MB IP blacklist I have to
> block. I traverse so that only incoming NEW from $DEV_INET is
> passing that chain, but appending the ruleset (i.e. at boottime)
> takes roughly 30min. So I was wondering whether inserting might be
> quicker :-)

Inserting is almost never quicker than appending. In fact, I am
having trouble coming up with a data structure where insertions are
as quick as appendages, provided, of course, that the difference
makes sense. After all, appendage is nothing but an insertion at

Please do not CC me when replying to lists; I read them!
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

Reply to: