I need some firewall advice.
I have a very rigid firewall ruleset, I block almost everything, and then I
log anything even remotly suspicious. I regularly go through the log file,
and when i find source ip's attempting to infultrate my network, i add a
rule in my ruleset to deny all traffic originating from that ip.
The problem is this:
I noticed a decrease in the throughput of my network connection. I figure
this is probably the result of the 25 or so extra rules I have blocking
these ip addresses. My question is this. Is there anyway to block these
ip's without slowing down my connection? Maybe something to do with the
hosts.allow, hosts.deny, etc or something?
Thanks,
Jon
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
