From owner-freebsd-net@FreeBSD.ORG Tue Jun 20 21:31:53 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D51BD16A4D1 for ; Tue, 20 Jun 2006 21:31:53 +0000 (UTC) (envelope-from brett@lariat.org) Received: from lariat.net (lariat.net [65.122.236.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 18D0F43D68 for ; Tue, 20 Jun 2006 21:31:52 +0000 (GMT) (envelope-from brett@lariat.org) Received: from Anne (IDENT:ppp1000.lariat.net@lariat.net [65.122.236.2]) by lariat.net (8.9.3/8.9.3) with ESMTP id PAA15163; Tue, 20 Jun 2006 15:31:49 -0600 (MDT) X-message-flag: Warning! Use of Microsoft Outlook renders your system susceptible to Internet worms. Message-Id: <7.0.1.0.2.20060620152540.06cc64e8@lariat.org> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Tue, 20 Jun 2006 15:26:25 -0600 To: Luigi Rizzo , net@freebsd.org, Phil Regnauld From: Brett Glass In-Reply-To: <7.0.1.0.2.20060620151013.042be3f8@lariat.org> References: <7.0.1.0.2.20060620143845.06662330@lariat.org> <20060620205730.GC3968@catpipe.net> <20060620140722.A1192@xorpc.icir.org> <7.0.1.0.2.20060620151013.042be3f8@lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Cc: Subject: Re: Best way to block a long list of IPs? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2006 21:31:53 -0000 Oh, by the way: I should mention that the server is running FreeBSD 4.11. It's doing file-intensive work, and file system performance in FreeBSD 6.x is noticeably slower. Your message does suggest another possible solution, though. Would blackhole routes be more efficient than using IPFW? --Brett Glass