Július Bemš wrote:
Hello,
I have to try solve this problem:
-If there is a lot of rules in the packet filter table, it takes a quite
long time for 'iptables' to add a new rule (the change will be seen
sometimes in 30 seconds).
-I don't know how 'iptables' exactly works, but I thinked about changing
rules exactly in the table, which is in-memory. It could take less time than
'iptables'
So my question is: Is this what I have described real? If yes, are there
some utilities by which I can change in-memory packet filter table? Because
I want avoid writing some code in c.
Do you use iptables--restore? If not, look into that. If yes, well, I'm
afraid I cannot help you.
HTH,
M4
