Any chance making it configurable ? On Tue, Jan 15, 2013 at 1:49 AM, Jan Engelhardt <jengelh@xxxxxxx> wrote: > On Tuesday 2013-01-15 07:32, 叶雨飞 wrote: > >>Hi, >> >>Is anyone here have experience on connnlimit performance? I am >>trying to use it to limit connection per dest IP (about 1K of them ) >>on a 100Mbps firewall. (without only about 70k connections) and as >>soon as put this rule in, cpu usage sky raise. > > > connlimit uses a fixed hash table of 256 buckets and thus a lot less > optimal than hashlimit's default table-size of 4096 buckets (assuming > a machine with >= 1 GB RAM and 64-bit kernel). -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
