* Connection or process limit
@ 2002-10-11 19:24 Pete Davis
From: Pete Davis @ 2002-10-11 19:24 UTC (permalink / raw)
To: "netfilter@lists.netfilter.org", netfilter

I am trying to find out the capacity of my iptables firewall. Is there
a limit for the state table in terms of connections it can track? How
about a Linux limit on processes, etc.? We have a DS3 at 15mb/s and I
want to make sure my box can handle it before I continue on my project.
Currently, I have a 500mhz Intel box with 256mb of memory and
server-class Intel 10/100 NICs. It seems this should be able to handle
it if I tweak the kernel configs properly.

This box is going to be acting more as a screening router than a
firewall (it is a bridging + iptables firewall... no IP on the box).
The rule set will be minimal as I just want to screen out obvious bad
traffic from getting to the network OUTSIDE my firewall (from the
internet). The main firewall does a great job for the internal stuff
but I want to help the external stuff as much as possible without
interfering with legitimate traffic.

Any comments, helpful hints, words of experience...?