Re: Network services fail on startup

To: Andrei POPESCU <andreimpopescu@gmail.com>
Cc: debian-user@lists.debian.org
Subject: Re: Network services fail on startup
From: Dan Ritter <dsr@randomstring.org>
Date: Tue, 14 Jul 2020 07:11:39 -0400
Message-id: <[🔎] 20200714111139.GK29877@randomstring.org>
In-reply-to: <[🔎] 20200714064711.ccp6etxle4tqywdd@acr13.nuvreauspam>
References: <[🔎] CAK3NTRAwADD+UVnXG-82cKXPJsQfXk62KPud-r3JN7d_aH0oAw@mail.gmail.com> <[🔎] 20200714064711.ccp6etxle4tqywdd@acr13.nuvreauspam>

Andrei POPESCU wrote: 
> On Lu, 13 iul 20, 18:41:39, Ross Boylan wrote:
> > 
> > The interface has a pre-up script that has over 1,000 iptables add lines
> > for blacklists, and I suspect this is slowing things down enough to cause
> > trouble.  I was not having problems when the script was shorter.
> 
> P.S. as far as I understand nftables should handle these much better 
> than iptables. May or may not help with your actual problem.

iptables is currently a frontend to nftables.

The way to handle a giant blocklist efficiently is ipset, which manipulates
large groups of IPs that will be matched for a particular rule.

-dsr-

Reply to:

Follow-Ups:
- Re: Network services fail on startup
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

References:
- Network services fail on startup
  - From: Ross Boylan <rossboylan@stanfordalumni.org>
- Re: Network services fail on startup
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

Prev by Date: lxde + ligthdm Shutdown
Next by Date: Re: How do I report bug on Old machine via this New Laptop?
Previous by thread: Re: Network services fail on startup
Next by thread: Re: Network services fail on startup
Index(es):
- Date
- Thread