Am Die, 2003-05-13 um 17.40 schrieb Michael Albrecht: > Hello, > i use iptables with Debian-Linux (2.4.20). > Wenn i install 150 Input-Chains like this: > iptables -A input -s 192.168.81.xxx > i will lose a lot of perfomance (for example: apache take a lot of time, ssh ...) > Wenn i show the perfomance with vmstat - vmstat says that 99 % is idel... > Wer is the Problem ??? I doubt that iptables itself is responsible for the performance loss. I rather suspect name resolution. Can you post you rules or at least some timing information? Cheers, Ralf -- Ralf Spenneberg RHCE, RHCX Book: Intrusion Detection für Linux Server http://www.spenneberg.com IPsec-Howto http://www.ipsec-howto.org Honeynet Project Mirror: http://honeynet.spenneberg.org
