El vie, 10 de 12 de 2004 a las 20:11, Miguel Angel Amador L escribiÃ: > Hi All > I need implement a firewall that support 2000 concurrent sessions, it > is posible with Iptables/Netfiler ?? > What need to do? > > Thanks for all > > regards > Miguel Angel Amador L. > In theory you should have no problems or netfilter limitations on that matter. What you will need it's enough memory and a powerful CPU. It's very important that you optimize the rules as much as you can, having in mind how the packets traverse the chains and the rules and trying that the sessions traverse the minimum number of rules. You should also use connection tracking so related and established connections are accepted with just a few rules. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@xxxxxxxxx bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÃA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road"
