From: Paul Caritj <pcaritj@riovia.net>
To: tkevans@tkevans.com, netfilter@lists.netfilter.org
Subject: Re: Maximum Number of Chains
Date: Wed, 03 Sep 2003 11:42:04 -0400 [thread overview]
Message-ID: <3F560BCC.4020907@riovia.net> (raw)
In-Reply-To: <20030903120302.M95330@tkevans.com>
Agreed,
Heres my situatuation: I need to create rules on the fly for
(potentially) up to 4000 users. What I need is a way to delete *all* the
rules for a given ip address without knowing the full contents of the
rule (only the ip); as you might have guessed, I'm doing this
programatically.
My current solution is to have one chain for each associated IP. Is
there a better solution to this problem?
As for memory...I can have as much as I need, if anyone knows how much
that would be. :)
Tim Evans wrote:
>On Wed, 3 Sep 2003 09:25:51 +1000, George Vieira wrote
>
>
>>How much memory do you have???
>>
>>I've added at once stage around 500+ rules in once chain alone, if
>>that helps you in anyway..
>>
>>
>
>Seems to me if you have to ask about the maximum number of rules, you already
>have too many. There are ways to create general rules that apply to many
>cases--i.e., address ranges, port ranges, etc.
>--
>Tim Evans | 5 Chestnut Court
>tkevans@tkevans.com | Owings Mills, MD 21117
>http://www.tkevans.com/ | 443-394-3864
>http://www.come-here.com/News/ |
>
>
>
>.
>
>
>
next prev parent reply other threads:[~2003-09-03 15:42 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-02 23:25 Maximum Number of Chains George Vieira
2003-09-03 12:03 ` Tim Evans
2003-09-03 15:42 ` Paul Caritj [this message]
2003-09-03 16:19 ` Leonardo Rodrigues Magalhães
2003-09-03 16:21 ` Jeffrey Laramie
-- strict thread matches above, loose matches on Subject: below --
2003-08-31 2:39 Paul Caritj
2003-08-30 4:16 Paul Caritj
2003-09-02 20:22 ` Ralf Spenneberg
2003-09-03 4:22 ` Julian Gomez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F560BCC.4020907@riovia.net \
--to=pcaritj@riovia.net \
--cc=netfilter@lists.netfilter.org \
--cc=tkevans@tkevans.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.