hi
i originally asked this in a different group and was advised that this
may be a more suitable place.
i'm trying to set up my low spec 2.6 box (pentium2/128MB) to
block/filter network packets based on src/dest address and i know this
will be done via iptables (i want to stop traffic going out or coming
in from a given list of ips)
however, i want to get a list of ip addr i should block and someone
suggested that i take a look at the 'ipfilter.dat' file that is used by
things such as peerguardian. having taken a quick look, there appears
to be over 100k worth of ip addr ranges.
are there any figures giving an indication of the performance of the iptables
mechanism when the filter table gets 'large'?
also, if someone has another set of IP addr that i can use to set up my
filter -- i've read perhaps blocking based on country (i.e. packets from
china, russia etc)
thanks
-r