IPtables maximum recored added
I want to block a range of IP's from some countries to connect to my server and I will edit this file /etc/sysconfig/iptables
the list of range is aboute 11000 range of IP's .
what is the maximum no of IP range that could be added to /etc/sysconfig/iptables ?
is it will slow my server if adding that huge range to IPtable ?
As long as you can express it in CDIR, it computes as a single record; Try /sbin/iptables -I input -s 184.108.40.206/18 -j DROP for example. It will then drop the range 220.127.116.11-18.104.22.168, about 16400 addresses, in one fell swoop. Some combination of a few CDIRs might work for you.
|All times are GMT -5. The time now is 06:05 PM.|