Blocking very many (tens of thousands) ip addresses in ipfw
Artem Kuchin
matrix at itlegion.ru
Wed Jan 14 08:27:22 PST 2009
I need to block around 150000 ip addreses from acccess the server at all
at any port. The addesses are random, they are not nets.
These are the spammer i want to block for 24 hours.
The list is dynamically generated and regenerated every hour or so.
What is the most efficient way to do it?
At first i thought doing ipfw rules using 5 ips per rule, that would
result in 30000 rules! This will be too slow!
I need to something really quick and smart. Like matching the first
number from ip (195 from 192.1.2.3),
if it does not match - skip, if it does - compare the next one
and so on.
--
Regards
Artem Kuchin
More information about the freebsd-questions
mailing list