Date: Wed, 14 Jan 2009 19:23:25 +0300 From: Artem Kuchin <matrix@itlegion.ru> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Blocking very many (tens of thousands) ip addresses in ipfw Message-ID: <496E117D.8030306@itlegion.ru>
next in thread | raw e-mail | index | archive | help
I need to block around 150000 ip addreses from acccess the server at all at any port. The addesses are random, they are not nets. These are the spammer i want to block for 24 hours. The list is dynamically generated and regenerated every hour or so. What is the most efficient way to do it? At first i thought doing ipfw rules using 5 ips per rule, that would result in 30000 rules! This will be too slow! I need to something really quick and smart. Like matching the first number from ip (195 from 192.1.2.3), if it does not match - skip, if it does - compare the next one and so on. -- Regards Artem Kuchin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?496E117D.8030306>