Date:      Sun, 1 May 2005 11:10:33 -0500 (CDT)
From:      Chuck Rock <>
To:        Richard Tector <>
Subject:   RE: Problem with high load on Xeon server...
Message-ID:  <>
In-Reply-To: <000001c54e62$5ab80ca0$0c01000a@RLaptop>
References:  <000001c54e62$5ab80ca0$0c01000a@RLaptop>

I'm still thinking the bridge firewall is the best route since I can
affect all of my inbound servers at one point instead of loading up the
rules on each individual server.

I will look into the pf solution.


On Sun, 1 May 2005, Richard Tector wrote:

> >Why 60,000 IPs you ask... These boxes are high traffic mail servers, and
> >I've got an extensive sendmail access file. I wanted to keep the servers
> >from handling so much spam by blocking the IPs of relays that failed the
> >access list relay check.
> >Over about one week, I have 60,000+ unique IP addresses from my logs.
> You might want to consider using pf which has extensive table support. I'm
> not sure what the limits are on the table size, but you simply add another.
> This means a minimal ruleset and table lookups are orders of magnitude
> faster than rule processing.
> Ipfw now has table support. In 5.3+ at least. I don't know how quick these
> are in comparison to pf however.
> The only problem with using pf is you'd ideally need to upgrade to 5.3 or
> above. Perhaps rig up another box to try it on?
> Regards,
> Richard Tector

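Added example, not written by either poster: one way to turn the relay-check rejections discussed in this thread into a compact file that a pf table can load. The log line shape, the table name spam_relays, the file path, and the allowlist are assumptions; the sample log lines are constructed.

```python
import ipaddress
import re

# Assumed sendmail syslog shape for a failed relay check:
#   ... relay=host.example [203.0.113.9], reject=550 5.7.1 <rcpt>... Relaying denied
REJECT = re.compile(
    r"relay=(?:\S+ )?\[(\d{1,3}(?:\.\d{1,3}){3})\].*reject=.*Relaying denied")

# Constructed sample input (documentation address ranges only).
SAMPLE_LOG = """\
May  1 10:02:11 mx1 sendmail[4211]: j41F2B004211: ruleset=check_rcpt, arg1=<a@example.net>, relay=[192.0.2.10], reject=550 5.7.1 <a@example.net>... Relaying denied
May  1 10:02:15 mx1 sendmail[4213]: j41F2F004213: ruleset=check_rcpt, arg1=<b@example.net>, relay=[192.0.2.10], reject=550 5.7.1 <b@example.net>... Relaying denied
May  1 10:03:40 mx1 sendmail[4220]: j41F3e004220: ruleset=check_rcpt, arg1=<c@example.net>, relay=dsl.example.org [192.0.2.11], reject=550 5.7.1 <c@example.net>... Relaying denied
May  1 10:04:02 mx1 sendmail[4231]: j41F42004231: ruleset=check_rcpt, arg1=<d@example.net>, relay=mail.example.org [198.51.100.7], reject=550 5.7.1 <d@example.net>... Relaying denied
May  1 10:04:09 mx1 sendmail[4233]: j41F49004233: ruleset=check_rcpt, arg1=<e@example.net>, relay=mx2.example.com [203.0.113.5], reject=550 5.7.1 <e@example.net>... Relaying denied
May  1 10:04:30 mx1 sendmail[4240]: j41F4U004240: ruleset=check_rcpt, arg1=<f@example.net>, relay=[999.1.1.1], reject=550 5.7.1 <f@example.net>... Relaying denied
May  1 10:05:00 mx1 sendmail[4250]: j41F50004250: from=<g@example.com>, size=2210, nrcpts=1, relay=good.example.com [192.0.2.200]
"""

def rejected_relays(lines, min_hits=1):
    """Return the set of relay IPs rejected at least min_hits times."""
    hits = {}
    for line in lines:
        m = REJECT.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.IPv4Address(m.group(1))
        except ValueError:      # malformed address in the log: skip it
            continue
        hits[ip] = hits.get(ip, 0) + 1
    return {ip for ip, n in hits.items() if n >= min_hits}

def pf_table_entries(ips, allowlist=()):
    """Drop allowlisted hosts, then merge exactly adjacent addresses into CIDR
    blocks. collapse_addresses never widens a block beyond the listed hosts."""
    keep = [ipaddress.ip_network(a) for a in allowlist]
    nets = [ipaddress.ip_network(str(ip)) for ip in ips
            if not any(ip in k for k in keep)]
    return [str(n.network_address) if n.prefixlen == 32 else str(n)
            for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    # Hypothetical usage: write one entry per line to /etc/pf.spam_relays, with
    #   table <spam_relays> persist file "/etc/pf.spam_relays"
    # in pf.conf, then: pfctl -t spam_relays -T replace -f /etc/pf.spam_relays
    ips = rejected_relays(SAMPLE_LOG.splitlines())
    print("\n".join(pf_table_entries(ips, allowlist=["203.0.113.5"])))
```

Raising min_hits keeps one-off rejections out of the table, and the allowlist keeps hosts such as a secondary MX from being blocked by their own rejected relay attempts.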