ipfw rules vs routes to localhost?
From: Paul Chvostek (paul_at_it.ca)
Date: 05/28/03
- Previous message: Julian Elischer: "RE: A problem with too many network interfaces"
- Next in thread: Crist J. Clark: "Re: ipfw rules vs routes to localhost?"
- Reply: Crist J. Clark: "Re: ipfw rules vs routes to localhost?"
- Reply: _at_babolo.ru: "Re: ipfw rules vs routes to localhost?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 May 2003 00:51:54 -0400 To: freebsd-net@freebsd.org
I'm considering:
ipfw add N deny ip from a.b.c.d to any
vs.
route add -host a.b.c.d localhost
I need to block traffic to a number of IP addresses. I thought I'd use
ipfw to avoid things like UDP DNS lookups that might come in ant take up
resources while my system tried to respond, but it's been suggested on
another list that setting routes to localhost will use less resources.
Ideally, I'd like to be able to block a few tens of thousands of IPs.
What's the scoop?
-- Paul Chvostek <paul@it.ca> Operations / Abuse / Whatever it.canada, hosting and development http://www.it.ca/ _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Julian Elischer: "RE: A problem with too many network interfaces"
- Next in thread: Crist J. Clark: "Re: ipfw rules vs routes to localhost?"
- Reply: Crist J. Clark: "Re: ipfw rules vs routes to localhost?"
- Reply: _at_babolo.ru: "Re: ipfw rules vs routes to localhost?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
