From owner-freebsd-net@FreeBSD.ORG Tue Dec 23 15:32:26 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BED5734D for ; Tue, 23 Dec 2014 15:32:26 +0000 (UTC) Received: from mx.aknet.kg (mx.aknet.kg [212.112.96.8]) by mx1.freebsd.org (Postfix) with ESMTP id 6922266FD7 for ; Tue, 23 Dec 2014 15:32:26 +0000 (UTC) Received: from mx.aknet.kg (localhost.aknet.kg [127.0.0.1]) by mx.aknet.kg (Postfix) with ESMTP id 4A9E21CDEE for ; Tue, 23 Dec 2014 21:32:25 +0600 (KGT) Received: (from nobody@localhost) by mx.aknet.kg (8.13.8/8.13.8/Submit) id sBNFWPSm021199; Tue, 23 Dec 2014 21:32:25 +0600 (KGT) (envelope-from info@aknet.kg) X-Authentication-Warning: mx.aknet.kg: nobody set sender to info@aknet.kg using -f To: Subject: Re: Netmap-ipfw, how to fill a table by 15K entries =?UTF-8?Q?=3F?= X-PHP-Originating-Script: 501:main.inc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Tue, 23 Dec 2014 21:32:25 +0600 From: info@aknet.kg In-Reply-To: <54997C9F.7@grosbein.net> References: <20141223130201.83220.333300601.swift@crm.aknet.kg> <54997C9F.7@grosbein.net> Message-ID: <63ee7a61354bdbe2e588496eb3af384e@aknet.kg> X-Sender: info@aknet.kg User-Agent: Roundcube Webmail/0.7.2 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Dec 2014 15:32:26 -0000 Eugene, sure, first we tried was a method with file. But after first 2-3 rules (table 10 add xxx.xxx.xxx.xxx) it hangs and we loose console interaction. (the last FreeBSD-Stable 10.1) It needs to open new console and kill a process ./ipfw /usr/local/.../rules.txt And ./ipfw table 10 list shows only 2-3 new rules from any (20 or 15K in file) May be this case (placing many enties into tables) was not tested by developers? Azamat Eugene Grosbein писал 2014-12-23 20:30: > On 23.12.2014 20:02, IT Department, AkNet ISP wrote: >> Hello to All >> >> Can anybody tell, how to fill a table with large number of entries ? >> >> Sure, It can be done by standard method by ./ipfw table 10 add >> xxx.xxx.xxx.xxx in a script, but each entry takes couple of seconds >> to >> be placed into a table: >> >> ./ipfw table 10 add 192.168.10.50 >> connected to 127.0.0.1:5555 >> >> And takes many hours to do all job. >> >> May be there is a way to open a socket and place a bulk commands, >> for >> example: >> telnet localhost 5555 >> table 10 add xxx.xxx.xxx.xxx >> >> But it doesn't work as written above. >> >> May be Senior Luigi can explane how to do such work as fast as it >> done by ordinary ipfw ? > > /sbin/ipfw can take full pathname of text file containing list of > commands like: > > table 10 add x.x.x.x > table 10 add x.x.x.y > ... > > So, it parses them all and executes at once. Read man ipfw, section: > LIST OF RULES AND PREPROCESSING > > Eugene Grosbein > > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to > "freebsd-net-unsubscribe@freebsd.org"