Linux Netfilter discussions
* Connection or process limit
@ 2002-10-11 19:24 Pete Davis
From: Pete Davis @ 2002-10-11 19:24 UTC
  To: "netfilter@lists.netfilter.org", netfilter

I am trying to find out the capacity of my iptables firewall.  Is there
a limit for the state table in terms of connections it can track?  How
about a Linux limit on processes, etc.?  We have a DS3 at 15mb/s and I
want to make sure my box can handle it before I continue on my project. 
Currently, I have a 500mhz Intel box with 256mb of memory and 
server-class Intel 10/100 NICs.  It seems this should be able to handle
it if I tweak the kernel configs properly.

This box is going to be acting more as a screening router than a
firewall (it is a bridging + iptables firewall... no IP on the box). 
The rule set will be minimal as I just want to screen out obvious bad
traffic from getting to the network OUTSIDE my firewall (from the
internet).  The main firewall does a great job for the internal stuff
but I want to help the external stuff as much as possible without
interfering with legitimate traffic. 

Any comments, helpful hints, words of experience...?

