Re: loading huge number of rules in iptables (blocklist)

To: debian-user@lists.debian.org
Subject: Re: loading huge number of rules in iptables (blocklist)
From: Ron Johnson <ron.l.johnson@cox.net>
Date: Wed, 21 Mar 2007 11:00:52 -0500
Message-id: <[🔎] 460156B4.704@cox.net>
In-reply-to: <[🔎] etrkbp$r9o$1@sea.gmane.org>
References: <[🔎] etppen$fea$1@sea.gmane.org> <[🔎] etrkbp$r9o$1@sea.gmane.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/21/07 10:52, H.S. wrote:
> H.S. wrote:
> 
>>
>> Now, currently, there are around 151,000 ipranges listed in level1.gz
>> to block. So the above function's loop goes over these many times
>> inserting the rules for each range. And this is taking huge amount of
>> time: in over 50 minutes, only around 12% rules have been loaded on my
>> router running Etch (Pentium III, 449MHz, 380 MB RAM).
>>
>> How can I speed this up? Advice?
>>
>> thanks,
>> ->HS
> 
> 
> 
> Anyone ... ?

That's a whole lotta rules.  I'm not surprised that iptables doesn't
scale that well.

> 
> ->HS
> 
> 
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGAVa0S9HxQb37XmcRAkGcAJ98IedLFIjxrWFj7LoDdWuGnlduHgCgnQYL
dP8B2imaYV/NHNmlMYwY+/0=
=tAuv
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: loading huge number of rules in iptables (blocklist)
  - From: "H.S." <hs.samix@gmail.com>

References:
- loading huge number of rules in iptables (blocklist)
  - From: "H.S." <hs.samix@gmail.com>
- Re: loading huge number of rules in iptables (blocklist)
  - From: "H.S." <hs.samix@gmail.com>

Prev by Date: Re: loading huge number of rules in iptables (blocklist)
Next by Date: Re: Browser identification to websites
Previous by thread: Re: loading huge number of rules in iptables (blocklist)
Next by thread: Re: loading huge number of rules in iptables (blocklist)
Index(es):
- Date
- Thread