* Brian Gunlogson (bmg300@xxxxxxxxx) wrote: > What is a reasonable way to match around 80000 IP ranges with iptables? If there aren't too many actual *IP*s then you might look into ipt_recent. It does more than you actually need but I've put 1.5M IP addresses in an ipt_recent hash before. Many more than that and ipt_recent runs into problems because it can't allocate enough memory w/ the default kernel memory setup. Stephen
Attachment:
signature.asc
Description: Digital signature
