Orlando Andico said: > > the problem now is.. how can i quantify the performance hit iptables is > extracting? 2000+ rules is not inconsiderable.
hmm...unless you have a test suite, it's not easy to quantify that. maybe you can just move the iptables-blocking stuff into a separate machine in front of your SMTP server(s) so they'll have dedicated CPU/RAM just for that? _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
