[ale] iptables limits?
Jim Popovitch
jimpop at yahoo.com
Fri Jun 3 11:54:31 EDT 2005
On Fri, 2005-06-03 at 11:31 -0400, Jonathan Rickman wrote:
> The correct number was 5000. I goofed the edit after logging into the
> system to verify that Jim's setup was even more excessive than I
> thought.
[snip]
> > I'm seeing double...
>
> The correct number was 5000. I goofed the edit after logging into the
> system to verify that Jim's setup was even more excessive than I
> thought. ;)
OK, the double speak needs some restraint. ;-)
Regarding large quantities of iptables rules, what other ways would you
go about:
- blocking 3,000+ IPs from ongoing port scan attacks
- blocking 2,500+ IPs from http/https scripting attacks
- blocking 1,200+ IPs from sending viruses and/or smtp port-knocking
I suppose I could be cruel and block the common subnets, but then
instead of restricting 7,000 IPs I could be restricting 7M.
If 50,000 iptables rules don't cause any problems, then why not use them?
-Jim P.
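One way to keep a blocklist of this size from being a single linear chain, as an added example that is not from the thread or from Jim's setup: iptables evaluates a chain top to bottom, so grouping the drop rules into per-/8 chains that INPUT dispatches to means a packet only traverses the rules for its own first octet. The BLOCK_<octet> chain names and the sample addresses are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the ALE thread): emit an iptables-restore
# fragment that splits a large IP blocklist into per-/8 chains so
# each packet walks only a fraction of the rules. Review the output
# before loading it; it is not applied by this script.

# Constructed sample blocklist (documentation ranges, one IP per line).
BLOCKLIST='192.0.2.10
192.0.2.11
198.51.100.7
203.0.113.5
203.0.113.6
203.0.113.7'

# build_ruleset: read IPv4 addresses on stdin, write a filter-table
# fragment on stdout: chain declarations, one INPUT dispatch rule per
# /8, then the per-address DROP rules inside each BLOCK_<octet> chain.
build_ruleset() {
    awk '
    /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
        split($0, o, ".")
        chain = "BLOCK_" o[1]
        if (!(chain in seen)) { seen[chain] = 1; order[++n] = chain }
        rules[chain] = rules[chain] "-A " chain " -s " $0 "/32 -j DROP\n"
    }
    END {
        print "*filter"
        for (i = 1; i <= n; i++) print ":" order[i] " - [0:0]"
        for (i = 1; i <= n; i++) {
            oct = substr(order[i], 7)   # strip the "BLOCK_" prefix
            print "-A INPUT -s " oct ".0.0.0/8 -j " order[i]
        }
        for (i = 1; i <= n; i++) printf "%s", rules[order[i]]
        print "COMMIT"
    }'
}

# Helpers that report what the generated fragment contains.
count_drop_rules()     { printf '%s\n' "$BLOCKLIST" | build_ruleset | grep -c -- '-j DROP'; }
count_dispatch_rules() { printf '%s\n' "$BLOCKLIST" | build_ruleset | grep -c '^-A INPUT '; }

# Print the fragment for the sample list. To load it on a real host:
#   printf '%s\n' "$BLOCKLIST" | build_ruleset | iptables-restore -n
printf '%s\n' "$BLOCKLIST" | build_ruleset
```

For the sample list this yields six DROP rules spread over three chains, so a packet from an unlisted /8 matches none of the dispatch rules and never enters a BLOCK_ chain.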