[Users] Hardware node - Iptables firewall with ipset
Martin Wheldon
mwheldon at googlemail.com
Tue Mar 24 11:23:43 EDT 2009
My thoughts were to utilise it as a method of dealing with bogon
networks so there wouldn't be thousands of entries.
But there would be a significant number.
Guess I'll have to test it and find out...
Martin
2009/3/24 Dariush Pietrzak <ml-openvz-eyck at kuszelas.eu>:
>> Does this mean you are using it on production machines, just not
> I'm using it on production machines, but am not using it extensively, so
> basically it was just sitting almost idle since ~1 year, I was planning on
> reconfiguring systems to start reaping ipset's benefits in few months, but
> since Sergey suggested there might be some hidden problems there, I would
> have to schedule more extensive tests.
> If the problem Sergey pointed to is real ( if the memory ran out on that
> machine due to memory leak in ipset and not due to the fact that he was
> loading millions of rules into that machine ), I wouldn't have noticed it.
>
> --
> Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9
> Total Existance Failure
> _______________________________________________
> Users mailing list
> Users at openvz.org
> https://openvz.org/mailman/listinfo/users
>
More information about the Users
mailing list