matching a list of IP's
Samuel.Krempp@crans.ens-cachan.fr
Samuel.Krempp@crans.ens-cachan.fr
Sun, 16 Jul 2000 14:12:36 +0200
I did find it, in the April archive, and that can do even more than I need !
The pools I wanted to use dont need to be dynamically modified. I guess this
dynamical behaviour can be useful for maintaining a "black list" of IP's for the
firewall to block, as the defensive response of an Intrusion Detection System..
I think the other types of pools and lookups (binary searches, hash, sequential)
are not very useful with IPv4, but might be absolutely needed for IPv6
adresses, when the adresses live in a space too big to be stored in a bitmap..
I'll try ippool, and from the samples shown in the Readme, it should be perfect
for me.
Is there any issue with ippool, about stability, or crashes when put under heavy
load, or anything ?
The altest version I found is 0.0.3, from April 25. It really is the latest ?
Is the flushing still un-implemented ? that's not critical, as I can easily use
a script to empty the firewall, unload the module, and reloads the firewall and
the pool, but it would be cleaner with a flush..
It's good to find ipool exists, thanks for the good work !
--
Samuel
Quoting bof@oknodo.bof.de:
> I implemented this some time ago; search the list archives for "ippool".
>
> Did not do much with what I reported/patched then, but I hope to find
> some time soon.
>
> Patrick
>