Re: can we design a modified fail2ban ?

On Sunday 2010-04-18 15:46, Alessandro Vesely wrote:
>
> Correct. Browsing action.d/iptables.conf one finds
>
> actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
> actionunban = iptables -D fail2ban-<name> -s <ip> -j DROP
>
> I don't know whether fail2ban uses some other storage to remember frequently
> banned IPs.

If you are using iptables for actionban, it would not need to.
You can make use of iptables-save or ipset -S on shutdown.

> How would you compare iptables and netfilter?

Like you compare a tree with soil?

> I mean fail2ban actions versus looking up a b-tree file,

Where does that btree file come from, and what should it be useful for?

> in terms of rough
> memory consumption and responsiveness expectations? For the max number of
> entries, I reckon b-trees can allow to map the entire IPv4 address space
> within 1Tb of mass storage. But what might be the difference with usual
> volumes?
>
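
The suggestion above to dump the rule set on shutdown, as an added example that is not part of the original thread: it pulls the ban entries out of `iptables-save` output and turns them back into the `actionban` command quoted from action.d/iptables.conf. The function names and the sample rule set are constructed for illustration; the script prints the commands rather than running them.

```shell
#!/bin/sh
# Constructed sample of `iptables-save` output (not taken from a real host).
sample_save() {
cat <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:fail2ban-ssh - [0:0]
:fail2ban-apache - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-ssh
-A INPUT -s 198.51.100.9/32 -j DROP
-A fail2ban-ssh -s 192.0.2.10/32 -j DROP
-A fail2ban-ssh -s 203.0.113.5/32 -j DROP
-A fail2ban-ssh -j RETURN
-A fail2ban-apache -s 198.51.100.77/32 -j DROP
-A fail2ban-apache -j RETURN
COMMIT
EOF
}

# Read iptables-save text on stdin and print "<name> <ip>" for every rule of
# the exact shape "-A fail2ban-<name> -s <ip> -j DROP". Rules in other chains
# (such as the manual DROP in INPUT) and the trailing RETURN are ignored.
f2b_bans() {
  awk '
    NF == 6 && $1 == "-A" && $2 ~ /^fail2ban-/ && $3 == "-s" &&
    $5 == "-j" && $6 == "DROP" {
      name = $2; sub(/^fail2ban-/, "", name)
      ip = $4;   sub(/\/32$/, "", ip)
      # Only plain dotted-quad hosts and simple chain names are passed on,
      # so nothing unexpected ends up in a generated command line.
      if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && name ~ /^[A-Za-z0-9_-]+$/)
        print name, ip
    }'
}

# Turn "<name> <ip>" lines back into the actionban command from the thread.
f2b_reban_cmds() {
  while read -r name ip; do
    printf 'iptables -I fail2ban-%s 1 -s %s -j DROP\n' "$name" "$ip"
  done
}

# On a live host (as root): iptables-save | f2b_bans > bans.txt   at shutdown,
# then review the output of: f2b_reban_cmds < bans.txt   once the chains exist.
```
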
