Re: Optimizing CentOS for gigabit firewall


sadas sadas wrote:

> I can't find information on whether there is a Linux or BSD distribution
> with an effective firewall that uses an optimized algorithm to store
> hundreds of IPs and to forward huge traffic. Any idea?

Hundreds?

http://www.openbsd.org/faq/pf/tables.html

"A table is used to hold a group of IPv4 and/or IPv6 addresses. Lookups
against a table are very fast and consume less memory and processor time
than lists. For this reason, a table is ideal for holding a large group of
addresses as the lookup time on a table holding 50,000 addresses is only
slightly more than for one holding 50 addresses. Tables can be used in the
following ways:

    * source and/or destination address in filter, NAT, and redirection rules.
    * translation address in NAT rules.
    * redirection address in redirection rules.
    * destination address in route-to, reply-to, and dup-to filter rule
      options."

nuff said ?

I love Linux, I've been using it for almost 15 years now, I absolutely
hate iptables (and ipchains, and ipfwadm). By contrast I absolutely
hate everything about OpenBSD except for pf (which I love, ipfw and
ipf aren't too bad either, at least for the era), so I use OpenBSD
for firewalls, and Linux for everything else.

nate
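
Added example, not part of the original message or of the OpenBSD FAQ: a pf.conf fragment showing the table form quoted above next to the equivalent list form. The interface name, file path and addresses are constructed placeholders (documentation ranges).

```conf
# /etc/pf.conf fragment (added example; em0, /etc/pf.blocked and all
# addresses are assumed placeholders, not values from the thread)

ext_if = "em0"

# List form: pf expands a { } list into one rule per entry when the
# ruleset is loaded, so a long list becomes a long ruleset.
# block in quick on $ext_if from { 192.0.2.10, 192.0.2.11, 198.51.100.0/24 } to any

# Table form: one rule, with the addresses held in a table.
# "persist" keeps the table in memory even when no rule references it;
# "file" loads one address or CIDR block per line at ruleset load time.
table <blocked> persist file "/etc/pf.blocked"

# A "const" table cannot be modified with pfctl after it is loaded.
table <mgmt> const { 203.0.113.0/28 }

set skip on lo

# Default deny inbound, then the table-driven rules.
block in on $ext_if
block in quick on $ext_if from <blocked> to any
pass in on $ext_if proto tcp from <mgmt> to ($ext_if) port 22
pass out on $ext_if

# Runtime maintenance without reloading the ruleset:
#   pfctl -t blocked -T add 192.0.2.50              # add an address
#   pfctl -t blocked -T delete 192.0.2.50           # remove it
#   pfctl -t blocked -T replace -f /etc/pf.blocked  # sync with the file
#   pfctl -t blocked -T show                        # list current entries
#   pfctl -t blocked -T test 192.0.2.10             # check membership
```

Validate the fragment with `pfctl -nf /etc/pf.conf` before loading it; `-n` parses the ruleset without applying it.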

