Hrmm, interesting question this... Would it be faster to reload, say, about 100 rule tables one by one when needed, or push all the firewall tables/rules (say about 20,000 rules) with iptables-restore at one time?
I have a firewall script which can, say, reload SNAT or DNAT tables without clearing the entire firewall, and reload certain rules as well. I would just like to know if it would be better to push the entire 20k rule firewall in at the same time with 1 iptables-restore command?

Regards
Nigel Kukard (General Manager)