Date: Thu, 14 Sep 2006 11:09:02 -0400 From: Barney Wolff <barney@databus.com> To: Phil Regnauld <regnauld@catpipe.net> Cc: freebsd-net@freebsd.org, Willem Jan Withagen <wjw@digiware.nl> Subject: Re: blocking a string in a packet using ipfw Message-ID: <20060914150902.GA17230@pit.databus.com> In-Reply-To: <20060914134611.GW76403@catpipe.net> References: <4509592A.3040602@digiware.nl> <20060914134611.GW76403@catpipe.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 14, 2006 at 03:46:12PM +0200, Phil Regnauld wrote: > Willem Jan Withagen (wjw) writes: > > > > Now I'm pretty shure that ipfw does not stretch indefinitely to contain > > perhaps something like 100.000 ip-numbers (would be a nice test. :) ) > > Actually, it should. I have over 600000 addresses in an ipfw table with no observable trouble. But that rule is triggered only about 10000 times a day (part of a spam blocker). -- Barney Wolff I never met a computer I didn't like.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060914150902.GA17230>