Mike Marion wrote:
I know a big "solaris is the only true OS" person that, for some reason, had set up a system ages ago to use routing vs ip filtering to block people that probed or did too many ssh attempts, and never bothered to convert it to ip filtering eventually. Worked great until he had about 64k routing entries for specific hosts to null. That one made me chuckle... because every single packet that ever entered or left the box had to parse the entire routing ruleset he'd built up over time.

I'm pretty sure that the IP stack in Solaris 10 could chew that up just fine. The performance is *very* good, and the way they do the rules allows a lot of things to be short circuited, hashed, and indexed for speed.

In fact, even most torrent clients now routinely handle blocking 1,000,000+ IPs in application code.

-a


--
KPLUG-List@kernel-panic.org
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
