On Wed, 2004-03-17 at 14:25, Cedric Blancher wrote: > Le mer 17/03/2004 Ã 19:46, Victor Julien a Ãcrit : > > My program (written in c) creates rules by opening a pipe to > > /sbin/iptables. However this is quite slow with large rulessets and on > > slow hardware. Is there another way, like an iptables librarycall or > > something? > > You could use iptables libs that stand in /usr/lib/iptables, just like > iptables does. > > You should however ask netfilter developpers mailing list. > > Cc : netfilter-devel@xxxxxxxxxxxxxxxxxxx The above solution is probably better than mine but I write out my new rules to a file in iptables-save format and then use iptables-restore -n <filename>. This is dramatically faster than calling iptables - John -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
