Date: Tue, 24 Aug 2021 15:59:21 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: ipfw Table Organization Message-ID: <CAHu1Y71z9TZvYvtC2URHDbTyvJhAEuK1Mgv5burMWk4XMXfaVA@mail.gmail.com> In-Reply-To: <7b9a7c6a-fc0e-a605-6938-8b89c09e0336@tundraware.com> References: <9e6cd8e2-a06e-468b-7245-d5ff13309763@tundraware.com> <CAHu1Y71uhG4WdfWOb-nR=DqNgr-pMOkKBTWZBdfp8NCeQSLHRw@mail.gmail.com> <7b9a7c6a-fc0e-a605-6938-8b89c09e0336@tundraware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 24, 2021 at 3:41 PM Tim Daneliuk <tundra@tundraware.com> wrote: > On 8/24/21 5:30 PM, Michael Sierchio wrote: > > Do you really mean 100,000 firewall rules? 100,000 CIDR blocks is not > > a problem. You should probably consolidate CIDR blocks before adding > them > > to a > > table, because it's a longest-prefix-match. > > > Most of the 100,000 are CIDR blocks but there are probably on the order > of 5000-ish IPs > An IPv4 address is a CIDR block with a netmask of /32 ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y71z9TZvYvtC2URHDbTyvJhAEuK1Mgv5burMWk4XMXfaVA>