Linux Netfilter discussions
From: Julien Vehent <julien@linuxwall.info>
To: Michael Schwartzkopff <misch@multinet.de>
Cc: netfilter <netfilter@vger.kernel.org>
Subject: Re: SpamHaus DROP list in Netfilter
Date: Tue, 16 Dec 2008 17:30:01 +0100
Message-ID: <a7b1c995733e51ccfc4d9975e73376db@localhost>
In-Reply-To: <200812161604.37183.misch@multinet.de>

On Tue, 16 Dec 2008 16:04:36 +0100, Michael Schwartzkopff
<misch@multinet.de> wrote:
> On Tuesday, 16 December 2008 15:27, you wrote:
>> Hi All,
>>
>> I was wondering how I could integrate the spamhaus drop list
>> (http://www.spamhaus.org/drop/drop.lasso) into my Netfilter rules.
>>
>> The list is not too long, so I thought putting it directly into a new
>> chain would be doable without degrading the performance too much. Somebody
>> also told me to use a chains tree, but I wonder if this is necessary
>> considering the size of the list...
>>
>> Has anybody done this before?
>>
>> Thanks,
>> Julien
>
> Googling "iptables spamhaus" gives you this site:
>
> http://robotterror.com/site/wiki/aggressive_spam_and_zombie_blocking_via_spamhaus_org_drop_and_iptables
>
> in first place.
>
> Cheers,
>

Dear Doctor,

Thanks for your tremendous help for adding a rule in a chain...... :/

My question, however, concerns more the performance issue. This list will
be checked for every single TCP-SYN or UDP packet that goes through the
kernel, and if the first byte is something like 128, it's definitely
useless to try all the 91.*

But implementing a tree of chains in netfilter is also quite a pain in the
ass. So before choosing a solution, I would like the opinion of the
community.

Best regards,

Julien



-- 
www.linuxwall.info
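
The chain tree Julien is weighing against a flat chain, as an added example that is not part of the original thread and not Julien's or Spamhaus's code. It reads a DROP list in the drop.lasso format (a constructed six-prefix sample is embedded; the real list is longer and changes) and prints the iptables commands for a two-level tree: one top chain that branches on the first octet with a /8 match, and one sub-chain per first octet holding the actual prefixes. The chain names SPAMHAUS_DROP and SPAMHAUS_DROP_<octet> are this example's own choice. A packet from 128.x.x.x then fails every /8 test in the top chain and never touches the 91.* prefixes, which is the pruning the message describes.

```shell
#!/bin/sh
# Constructed sample of the Spamhaus DROP list format: CIDR prefixes with a
# ";SBLnnn" comment suffix and ";"-prefixed comment lines. Not the real list.
SAMPLE_DROP_LIST='; Spamhaus DROP List (constructed sample for this example)
; comment lines start with a semicolon
5.34.242.0/23 ; SBL191690
5.134.128.0/19 ; SBL262572
24.233.0.0/17 ; SBL214192
27.126.160.0/20 ; SBL186868
91.203.228.0/22 ; SBL176906
91.208.221.0/24 ; SBL178656
'

# build_drop_tree [TOPCHAIN]
# Reads a DROP list on stdin and prints the iptables commands that create
# the top chain plus one sub-chain per first octet. Output is printed, not
# executed, so it can be reviewed (or piped to sh as root) and tested here.
build_drop_tree() {
    top="${1:-SPAMHAUS_DROP}"
    # Drop comments and blank lines, keep only the CIDR field, and sort
    # numerically by octet so the generated rules are deterministic.
    sed -e 's/;.*//' -e 's/[[:space:]]//g' -e '/^$/d' |
    sort -t. -k1,1n -k2,2n -k3,3n -k4,4n |
    awk -v top="$top" '
        BEGIN { print "iptables -N " top }
        {
            split($1, o, ".")
            octet = o[1]
            chain = top "_" octet
            if (!(octet in seen)) {
                seen[octet] = 1
                print "iptables -N " chain
                # Branch on the /8 so a packet visits at most one sub-chain.
                print "iptables -A " top " -s " octet ".0.0.0/8 -j " chain
            }
            # The real prefix test lives in the per-octet sub-chain.
            print "iptables -A " chain " -s " $1 " -j DROP"
        }'
}

# Run stand-alone: print the rules for the constructed sample.
printf '%s' "$SAMPLE_DROP_LIST" | build_drop_tree
```

For the sample this yields one top chain, four sub-chains (first octets 5, 24, 27, 91) and six DROP rules. Hook the top chain where Julien wants it evaluated, for instance with `iptables -I INPUT -p tcp --syn -j SPAMHAUS_DROP` and the same for `-p udp`, and regenerate the chains (flush, rebuild) whenever the list is refreshed, since prefixes are added and withdrawn. If ipset is available, a single `hash:net` set with one `-m set --match-set` rule replaces the whole tree with one hashed lookup and is the simpler choice.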


Thread overview: 4+ messages
2008-12-16 14:27 SpamHaus DROP list in Netfilter Julien Vehent
     [not found] ` <200812161604.37183.misch@multinet.de>
2008-12-16 16:30   ` Julien Vehent [this message]
2008-12-16 17:55     ` Sven-Haegar Koch
2008-12-17 10:03       ` Julien Vehent
