Re: loading huge number of rules in iptables (blocklist)

To: debian-user@lists.debian.org
Subject: Re: loading huge number of rules in iptables (blocklist)
From: Albert Dengg <a_d@gmx.at>
Date: Wed, 21 Mar 2007 17:40:16 +0100
Message-id: <[🔎] 46015FF0.7010102@gmx.at>
In-reply-to: <[🔎] etrlau$ute$1@sea.gmane.org>
References: <[🔎] etppen$fea$1@sea.gmane.org> <[🔎] etrkbp$r9o$1@sea.gmane.org> <[🔎] 460156B4.704@cox.net> <[🔎] etrlau$ute$1@sea.gmane.org>

H.S. wrote:
...

Yes. The experiment shows that this is not going well. I was wonderingif there are any alternatives. I currently have around 80,000 rules nowinserted, and the process is still continuing more than 17 hours later!However, my internet connection seems to be holding up without anynoticeable performance cut so far.

have you tried to make up and input for iptables-restore and blast allrules into iptables at once?

from the docs i've read this should be a faster.

on the other hand there is also nf-hipac (http://www.hipac.org/).
while i've not tried it, they claim to handle large rule sets better.

yours
albert

Reply to:

References:
- loading huge number of rules in iptables (blocklist)
  - From: "H.S." <hs.samix@gmail.com>
- Re: loading huge number of rules in iptables (blocklist)
  - From: "H.S." <hs.samix@gmail.com>
- Re: loading huge number of rules in iptables (blocklist)
  - From: Ron Johnson <ron.l.johnson@cox.net>
- Re: loading huge number of rules in iptables (blocklist)
  - From: "H.S." <hs.samix@gmail.com>

Prev by Date: Re: how to switch between different network configurations?
Next by Date: Re: No text mode display after grub
Previous by thread: Re: loading huge number of rules in iptables (blocklist)
Next by thread: Re: loading huge number of rules in iptables (blocklist)
Index(es):
- Date
- Thread