My server is sometimes under attack by DDOS, so I want to make a simple script which reads the log (Apache access log), does the analysis, and sets the rule to drop the packets from a specific IP. Since it is DDOS, I assume there will be a large amount of unique IPs that need to be input into iptables. I want to know, are there any hidden efficiency problems in this setup? Or any better method?

Howard.
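The script described in the message above, as an added example that is not part of the original post: it counts requests per client address per minute in an Apache access log and renders one DROP rule per offending address as iptables-restore input, so the whole set loads in one call instead of one iptables process per address. The function names, the per-minute limit, the NEVER_BLOCK list, the IPv4-only scope and the sample log lines are assumptions made for the illustration.

```python
import ipaddress
import re
from collections import Counter

# Common log format: host, identd, user, [timestamp], then the quoted request.
# Group 2 keeps the timestamp down to the minute and is used as the bucket key.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}):\d{2} [^\]]+\] "')

# Assumption: addresses that must never be blocked (extend with your own hosts).
NEVER_BLOCK = [ipaddress.ip_network("127.0.0.0/8")]


def offenders(lines, per_minute_limit):
    """Return sorted IPv4 addresses that exceeded the limit in any one minute."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # hostname or malformed field: never pass it on to a rule
        if ip.version != 4 or any(ip in net for net in NEVER_BLOCK):
            continue
        hits[(ip, m.group(2))] += 1
    bad = {ip for (ip, _minute), n in hits.items() if n > per_minute_limit}
    return sorted(bad)


def restore_rules(ips):
    """Render one DROP rule per address as iptables-restore input."""
    body = [f"-A INPUT -s {ip}/32 -j DROP" for ip in ips]
    return "\n".join(["*filter", *body, "COMMIT"]) + "\n"


def sample_log():
    """Constructed access-log lines (common log format) for the demonstration."""
    tail = '+0000] "GET / HTTP/1.1" 200 512'
    lines = [f"203.0.113.9 - - [10/Oct/2023:13:55:{s:02d} {tail}" for s in range(30)]
    lines += [f"127.0.0.1 - - [10/Oct/2023:13:55:{s:02d} {tail}" for s in range(40)]
    lines.append(f"198.51.100.7 - - [10/Oct/2023:13:55:02 {tail}")
    lines.append(f"not-an-ip - - [10/Oct/2023:13:55:03 {tail}")
    return lines


if __name__ == "__main__":
    print(restore_rules(offenders(sample_log(), per_minute_limit=20)), end="")
```

Load the generated text with `iptables-restore --noflush`; without that option the existing rules in the filter table are flushed before the new ones are applied.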