Here's my situation: I need to create rules on the fly for (potentially) up to 4000 users. What I need is a way to delete *all* the rules for a given IP address without knowing the full contents of the rule (only the IP); as you might have guessed, I'm doing this programmatically.
My current solution is to have one chain for each associated IP. Is there a better solution to this problem?
As for memory...I can have as much as I need, if anyone knows how much that would be. :)
Tim Evans wrote:
On Wed, 3 Sep 2003 09:25:51 +1000, George Vieira wrote
How much memory do you have???
I've added at one stage around 500+ rules in one chain alone, if that helps you in any way..
Seems to me if you have to ask about the maximum number of rules, you already
have too many. There are ways to create general rules that apply to many
cases--i.e., address ranges, port ranges, etc.
--
Tim Evans | 5 Chestnut Court
tkevans@xxxxxxxxxxx | Owings Mills, MD 21117
http://www.tkevans.com/ | 443-394-3864
http://www.come-here.com/News/ |
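
The one-chain-per-IP approach described in the first message, sketched as an added example that is not code from any poster in this thread. The chain naming scheme (`u_<ip>`), the `FORWARD` hook, the IPv4-only validation and the `IPT` dry-run variable are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Chain naming (u_<ip>) and the FORWARD hook are assumptions.
IPT="${IPT:-iptables}"      # IPT="echo iptables" prints commands instead (dry run)

# Accept only a strict dotted quad: the value ends up in a chain name and on
# a command line, so nothing else may get through.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    _old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$_old_ifs
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        case "$_o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$_o" -le 255 ] || return 1
    done
}

# Map an address to its chain name, e.g. 10.0.0.7 -> u_10_0_0_7.
chain_for() { printf 'u_%s\n' "$1" | tr . _; }

# Create the user's chain and send that source address's traffic through it.
user_add() {
    valid_ipv4 "$1" || return 1
    _c=$(chain_for "$1")
    $IPT -N "$_c" && $IPT -A FORWARD -s "$1" -j "$_c"
}

# Append a rule for this user; the remaining arguments are the rule itself.
user_rule() {
    valid_ipv4 "$1" || return 1
    _c=$(chain_for "$1"); shift
    $IPT -A "$_c" "$@"
}

# Remove everything for this IP knowing only the IP: unhook, flush, delete.
# The jump must go first, because -X refuses a chain that is still referenced.
user_del() {
    valid_ipv4 "$1" || return 1
    _c=$(chain_for "$1")
    $IPT -D FORWARD -s "$1" -j "$_c" && $IPT -F "$_c" && $IPT -X "$_c"
}
```

With this layout the built-in chain holds one jump per user, and packets from other addresses never traverse a given user's rules.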