On Wed, Feb 20, 2002 at 02:59:19PM +0100, Joffer wrote:
> What I've got problems with is:
> iptables -L
>
> running this command results in more or less nothing. It takes about 5
> minutes for one (1) line in the tables to be displayed, and then a new 5
> minutes before the next line shows up... with a complex script it would take
> hours to list everything.
>
> If I remove the UDP rule of the DNS though, 'iptables -L' works like a charm
> and lists everything in about one or two seconds.

Yes, because iptables can no longer resolve the hostnames associated with
the IP addresses.

> If I add '-n' when the UDP rule is enabled, everything is fine, but I
> shouldn't (and wouldn't) have to use '-n'.

Why not? You will always see delays like with any other command:

Try "route" if you have lots of routing table entries, it will take long,
unless using the '-n' flag.

Try "netstat -a" - it will take its time in order to look up the reverse
entries for all IP addresses you have connections to. Unless you use -n.

> Thanks
> /Christopher Thorjussen

--
Live long and prosper
- Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+
V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)