Grant Taylor wrote:
On 05/07/08 15:01, Steven Kath wrote:
Have you considered using netfilter's ip sets for this? Sounds like
it might be perfect for your needs.
With out knowing how or what the OP is accounting we don't know if
s/he is looking at each individual network that is being filtered or
if it is clients behind the system. If it is networks that are being
filtered I would think that the single ipset rule would make it much
harder, if not impossible, to keep accounting data for a single rule.
I do not need to keep individual accounting data for each network that
is blocked.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
