I've about had it with attacks to our web server emanating from certain geographical areas. This is not a display of Xenophobia. I have never really used IPT.
It takes about 4,000 lines for Korea and China alone and that's with
CIDR formatting.
Two questions:
1. Will a table that size create a problem? Is that even a very large
table?
2. I have single lines like:
"/sbin/iptables -A INPUT -s 61.32.0.0/16 -j REJECT"
What is the most efficient means of logging matches? I suppose that I
could create another shell script replacing REJECT with LOG or am I was
off?
Thanks.
--
----------------------------------------------------
Hart's PGP Key: 0xAB6D7FEA - http://TQMcube.com/hart_pgp.txt
----------------------------------------------------
Total Quality Management - A Commitment to Excellence
Email acceptance policy: http://www.TQMcube.com/email_policy.html
signature.asc
Description: This is a digitally signed message part
