Dan Mahoney, System Admin wrote:
Hey all,

I've got a file that I just synced from a major RBL, and I'd like to just use it to globally deny access to my system. Is there an easy way to do this within ipfw -- the file is about 3 *million* lines, and is from cbl.abuseat.org.
I do similar things using IPFW2's tables:

table 1 flush
table 1 add firstip
table 1 add 3millionthip
deny tcp from table(1) to me 25

ipfw tables use the same lookup structure as the FreeBSD routing table, so it's got to be reasonably efficient. I've never used it with quite that many entries though!

Chances are, you can aggregate your address list to reduce it somewhat though.

Have fun,

freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to