On 10/24/07, Joerg Mertin <[EMAIL PROTECTED]> wrote: > I did that already in the beginning ... > However - the boot process took quite long to entere 2000 reject-routes > (that is what you mean - no ? > add route host xxx.xxx.xxx.xxx reject
If you have the ability to recompile the kernel I do believe that IPsets are the solution you require. They're fast to insert, fast to scan through. And shorewall supports IPsets well. Prasanna -- www.elinanetworks.com Seamless, secure delivery of applications. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
