Once upon a time, Stephen John Smoogen said:
> It will because it is a linear list that every packet has to be 'judged'
> against. Even if you break it down to 2 or 3 trees it will still take a
> while.
Putting them in ipset would be much better performance (uses hash, so
not a linear search).
On Tuesday, February 4, 2020 4:13:50 PM CET Stephen John Smoogen wrote:
> On Tue, 4 Feb 2020 at 05:37, Pete Biggs wrote:
> > On Mon, 2020-02-03 at 19:04 -0500, Jerry Geis wrote:
> > > Hi All,
> > >
> > > Over the last 20 some years I have a file with about 200K worth of
> >
> > address
> >
> >
On Tue, 4 Feb 2020 at 05:37, Pete Biggs wrote:
> On Mon, 2020-02-03 at 19:04 -0500, Jerry Geis wrote:
> > Hi All,
> >
> > Over the last 20 some years I have a file with about 200K worth of
> address
> > that have "wrongly" tried to connect to my boxes running centos. So the
> > file has one
On Mon, 2020-02-03 at 19:04 -0500, Jerry Geis wrote:
> Hi All,
>
> Over the last 20 some years I have a file with about 200K worth of address
> that have "wrongly" tried to connect to my boxes running centos. So the
> file has one line per address or group of addresses like:
> 2.244.112.0/24
>
On Tue, Feb 4, 2020 at 5:34 AM Jerry Geis wrote:
> Hi All,
>
> Over the last 20 some years I have a file with about 200K worth of address
> that have "wrongly" tried to connect to my boxes running centos. So the
> file has one line per address or group of addresses like:
> 2.244.112.0/24
>
> So
Hi All,
Over the last 20 some years I have a file with about 200K worth of address
that have "wrongly" tried to connect to my boxes running centos. So the
file has one line per address or group of addresses like:
2.244.112.0/24
So using the OLD iptables I would run through my file build the
6 matches
Mail list logo