blocking a string in a packet using ipfw
Barney Wolff
barney at databus.com
Thu Sep 14 08:09:35 PDT 2006
On Thu, Sep 14, 2006 at 03:46:12PM +0200, Phil Regnauld wrote:
> Willem Jan Withagen (wjw) writes:
> >
> > Now I'm pretty shure that ipfw does not stretch indefinitely to contain
> > perhaps something like 100.000 ip-numbers (would be a nice test. :) )
>
> Actually, it should.
I have over 600000 addresses in an ipfw table with no observable trouble.
But that rule is triggered only about 10000 times a day (part of a spam
blocker).
--
Barney Wolff I never met a computer I didn't like.
More information about the freebsd-net
mailing list