LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   IPtables maximum recored added (http://www.linuxquestions.org/questions/linux-networking-3/iptables-maximum-recored-added-669478/)

emymcse 09-12-2008 09:27 AM

IPtables maximum recored added
 
Hello,

I want to block a range of IP's from some countries to connect to my server and I will edit this file /etc/sysconfig/iptables


the list of range is aboute 11000 range of IP's .

what is the maximum no of IP range that could be added to /etc/sysconfig/iptables ?

is it will slow my server if adding that huge range to IPtable ?

Thanks

david1941 09-12-2008 09:59 AM

As long as you can express it in CDIR, it computes as a single record; Try /sbin/iptables -I input -s 24.1.0.0/18 -j DROP for example. It will then drop the range 24.1.0.0-24.1.63.255, about 16400 addresses, in one fell swoop. Some combination of a few CDIRs might work for you.

Dave


All times are GMT -5. The time now is 08:26 AM.