How many rules were supported iptables?

Peter pme at ufh.se
Fri Oct 20 08:43:33 CEST 2006


이근수 wrote:

>Hi All.
>My problem is how many rules iptables supports.
>The program which I maintain and repair generates iptables rules automatically.
>Now I have encountered this problem.
>Source and destination IP addresses are written as ranges by the user (e.g., 1.1.1.1~1.1.1.10); our program then generates 10 IP addresses (1.1.1.1, 1.1.1.2, 1.1.1.3, … , 1.1.1.10) and makes 10 iptables rules.
>Unfortunately, when a user writes an iptables rule like this, 10,000 rules are generated:
>  "iptables -A FORWARD -p tcp -s 1.1.1.1~1.1.1.100 -d 2.2.2.1~2.2.2.100 -j QUEUE"
>Do 10,000 rules operate safely? Or do some rules not operate normally?
>If some rules don't operate normally, how many rules does iptables support?
>

It's the 4 MB in total size of rules. (This is the maximum size of a
chunk of data copied from userspace to kernel space in
one syscall.)
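
Added example (not part of the original thread, and not code from the poster's program): a Python sketch that takes the 100 x 100 range pair from the question, counts the per-host rules it expands to, and shows two ways to shrink the ruleset: summarizing each range into CIDR blocks, and using the iptables iprange match. The "~" notation is the questioner's; the function names and the chain/protocol/target defaults are illustrative assumptions.

```python
import ipaddress
from itertools import product


def parse_range(text):
    """Parse the 'first~last' notation used in the question."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in text.split("~"))
    if first > last:
        raise ValueError(f"range start is after range end: {text}")
    return first, last


def per_host_rule_count(src, dst):
    """Rules produced when every source/destination host pair gets its own rule."""
    s0, s1 = parse_range(src)
    d0, d1 = parse_range(dst)
    return (int(s1) - int(s0) + 1) * (int(d1) - int(d0) + 1)


def cidr_blocks(text):
    """Smallest list of CIDR networks that covers exactly the given range."""
    return list(ipaddress.summarize_address_range(*parse_range(text)))


def cidr_rules(src, dst, chain="FORWARD", proto="tcp", target="QUEUE"):
    """One rule per (source block, destination block) pair."""
    return [
        f"iptables -A {chain} -p {proto} -s {s} -d {d} -j {target}"
        for s, d in product(cidr_blocks(src), cidr_blocks(dst))
    ]


def iprange_rule(src, dst, chain="FORWARD", proto="tcp", target="QUEUE"):
    """Single rule using the iprange match, which accepts first-last ranges."""
    s0, s1 = parse_range(src)
    d0, d1 = parse_range(dst)
    return (f"iptables -A {chain} -p {proto} -m iprange "
            f"--src-range {s0}-{s1} --dst-range {d0}-{d1} -j {target}")


if __name__ == "__main__":
    src, dst = "1.1.1.1~1.1.1.100", "2.2.2.1~2.2.2.100"  # ranges from the question
    print("per-host rules:", per_host_rule_count(src, dst))
    print("CIDR-summarized rules:", len(cidr_rules(src, dst)))
    print("iprange rule:", iprange_rule(src, dst))
```

Fewer rules also means fewer sequential comparisons per packet, since a chain is evaluated rule by rule.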


