From: Artem Kuchin
Organization: IT Legion
Date: Wed, 14 Jan 2009 19:23:25 +0300
To: "freebsd-questions@freebsd.org"
Subject: Blocking very many (tens of thousands) ip addresses in ipfw
Message-ID: <496E117D.8030306@itlegion.ru>

I need to block around 150000 IP addresses from accessing the server at all, on any port. The addresses are random; they are not nets. These are the spammers I want to block for 24 hours. The list is dynamically generated and regenerated every hour or so.

What is the most efficient way to do it?

At first I thought of doing ipfw rules using 5 IPs per rule; that would result in 30000 rules! This will be too slow! I need something really quick and smart. Like matching the first number from the IP (195 from 192.1.2.3): if it does not match, skip; if it does, compare the next one, and so on.

--
Regards
Artem Kuchin
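The octet-by-octet matching described in the message above, written out as an added example (not part of the original post, and not ipfw code): a four-level lookup keyed by one octet per level, with the 24-hour expiry stored at the last level. The names `block_add`, `block_check` and `BLOCK_SECS` are assumptions made for this example.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

#define BLOCK_SECS (24 * 60 * 60)  /* block lifetime from the message: 24 hours */

/* One table level per octet. Uncompressed for clarity: a sparse address set
 * costs memory that a path-compressed radix tree would save. */
struct leaf { time_t expires[256]; };      /* indexed by 4th octet */
struct l3   { struct leaf *child[256]; };  /* indexed by 3rd octet */
struct l2   { struct l3 *child[256]; };    /* indexed by 2nd octet */
struct root { struct l2 *child[256]; };    /* indexed by 1st octet */

/* Add or refresh a block starting at `now`. Returns 0, or -1 on bad input/OOM. */
int block_add(struct root *r, const char *ip, time_t now) {
    uint8_t o[4];
    if (inet_pton(AF_INET, ip, o) != 1) return -1;  /* strict dotted-quad parse */
    struct l2 **a = &r->child[o[0]];
    if (!*a && !(*a = calloc(1, sizeof **a))) return -1;
    struct l3 **b = &(*a)->child[o[1]];
    if (!*b && !(*b = calloc(1, sizeof **b))) return -1;
    struct leaf **c = &(*b)->child[o[2]];
    if (!*c && !(*c = calloc(1, sizeof **c))) return -1;
    (*c)->expires[o[3]] = now + BLOCK_SECS;
    return 0;
}

/* Returns 1 while ip is blocked, else 0. After a miss on an early octet no
 * deeper table is touched; a hit costs three pointer hops and one array read. */
int block_check(const struct root *r, const char *ip, time_t now) {
    uint8_t o[4];
    if (inet_pton(AF_INET, ip, o) != 1) return 0;
    const struct l2 *a = r->child[o[0]];
    const struct l3 *b = a ? a->child[o[1]] : NULL;
    const struct leaf *c = b ? b->child[o[2]] : NULL;
    return c != NULL && now < c->expires[o[3]];
}

int main(void) {
    struct root *r = calloc(1, sizeof *r);
    time_t now = time(NULL);
    if (!r || block_add(r, "192.1.2.3", now) != 0) return 1;  /* constructed sample */
    printf("192.1.2.3 blocked=%d, 192.1.2.4 blocked=%d\n",
           block_check(r, "192.1.2.3", now), block_check(r, "192.1.2.4", now));
    return 0;
}
```

The lookup cost is the same whether the list holds five addresses or 150000, which is the property the linear 30000-rule approach lacks.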