Date: Wed, 28 May 2003 00:51:54 -0400 From: Paul Chvostek <paul@it.ca> To: freebsd-net@freebsd.org Subject: ipfw rules vs routes to localhost? Message-ID: <20030528045154.GA95572@mail.it.ca>
next in thread | raw e-mail | index | archive | help
I'm considering: ipfw add N deny ip from a.b.c.d to any vs. route add -host a.b.c.d localhost I need to block traffic to a number of IP addresses. I thought I'd use ipfw to avoid things like UDP DNS lookups that might come in ant take up resources while my system tried to respond, but it's been suggested on another list that setting routes to localhost will use less resources. Ideally, I'd like to be able to block a few tens of thousands of IPs. What's the scoop? -- Paul Chvostek <paul@it.ca> Operations / Abuse / Whatever it.canada, hosting and development http://www.it.ca/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030528045154.GA95572>