Hi Matt, I guess this is what I was looking for. Thanks again, Eli On Tue, 2008-05-13 at 10:29 -0500, Matt Zagrabelny wrote: > On Tue, 2008-05-13 at 09:59 +0300, Eli Hadad wrote: > > Hi all, > > > > I am new to iptables and have few question I hope you can help with: > > 1. Is there a limit to the number of rules I can add to specific chain? > > I need to have around 20000 rules. > > 2. What is the performance implications of using this large number of > > rules? Is there any numbers people can share. > > 3. I also saw the HIPAC project which claim to have much better > > performance. Is there any work done to integrate same type of > > functionality into iptables? > > Google: hipac ipset > > Look at the first pdf link. It talks about performance and netfilter. It > also addresses HIPAC and ipset. > > I would say that you want to look at ipset. > > Cheers, > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
