Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Jan 2009 19:23:25 +0300
From:      Artem Kuchin <>
To:        "" <>
Subject:   Blocking very many (tens of thousands) ip addresses in ipfw
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help
I need to block around 150000 ip addreses from acccess the server at all
at any port.  The addesses are random, they are not nets.
These are the spammer i want to block for 24 hours.
The list is dynamically generated and regenerated every hour or so.
What is the most efficient way to do it?
At first i thought doing ipfw rules using 5 ips per rule, that would
result in 30000 rules! This will be too slow!
I need to something really quick and smart. Like matching the first
number from ip (195 from,
if it does not match - skip, if it does - compare the next one
and so on.

Artem Kuchin

Want to link to this message? Use this URL: <>