how many rules can be added?

Marc Haber mh+netfilter at zugschlus.de
Thu Sep 16 18:48:29 CEST 2004


On Thu, Sep 16, 2004 at 05:10:27PM +0300, Alaadin wrote:
> How many iptables rules can I add?

As long as you have enough memory.

> I added already 40
> if I added until 100 or 500 rules

I have once used a rule set with 8500 rules.

> Would this make problems?

Maybe.

> Would this make the system lag?

Maybe.

> Would this make the system hang?

Probably not.

> How many iptables rules can I add? Or is it unlimited?

Pretty much unlimited.

Real impact on your system's performance will depend on the structure
of your rule set. If you have 6000 rules that will never match, so
that every packet has to traverse all of these rules before it is
finally accepted, you will feel a noticeable impact. If you, however,
ACCEPT established and related packets early in your rule chain, you
will most probably be fine with tens of thousands of rules.

Greetings
Marc


-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mail address in header
Karlsruhe, Germany |  lose things."    Winona Ryder | Phone: *49 721 966 32 15
Nordisch by Nature |  How to make an American Quilt | Fax: *49 721 966 31 29
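
The rule-ordering point in the reply above, as an added example that is not part of the original message: a simplified model of first-match chain traversal that counts how many rules one connection's packets are compared against, with and without an early ACCEPT for established/related traffic. All names, addresses and packet counts are constructed for illustration, and the model counts rule comparisons only, not real kernel cost.

```python
from dataclasses import dataclass
from typing import Callable, List, Tuple

@dataclass(frozen=True)
class Packet:
    src: str
    dport: int
    ctstate: str  # label connection tracking would assign: NEW, ESTABLISHED, RELATED

@dataclass(frozen=True)
class Rule:
    match: Callable[[Packet], bool]
    target: str  # "ACCEPT" or "DROP"

def traverse(chain: List[Rule], pkt: Packet, policy: str = "DROP") -> Tuple[str, int]:
    """First-match semantics: return (verdict, number of rules compared)."""
    for n, rule in enumerate(chain, start=1):
        if rule.match(pkt):
            return rule.target, n
    return policy, len(chain)

def never_matching(n: int) -> List[Rule]:
    """n constructed per-source DROP rules that the sample traffic never hits."""
    return [Rule(lambda p, ip=f"10.{i // 256}.{i % 256}.1": p.src == ip, "DROP")
            for i in range(n)]

# Hypothetical rules: an SSH allow rule and the early state rule from the reply.
ALLOW_SSH = Rule(lambda p: p.dport == 22, "ACCEPT")
STATE_FIRST = Rule(lambda p: p.ctstate in ("ESTABLISHED", "RELATED"), "ACCEPT")

def flow(n_packets: int) -> List[Packet]:
    """One constructed connection: first packet NEW, the rest ESTABLISHED."""
    src = "192.0.2.7"
    return [Packet(src, 22, "NEW")] + [Packet(src, 22, "ESTABLISHED")] * (n_packets - 1)

def cost(chain: List[Rule], packets: List[Packet]) -> int:
    """Total rule comparisons needed to reach a verdict for every packet."""
    return sum(traverse(chain, p)[1] for p in packets)

def compare(n_rules: int = 6000, n_packets: int = 100) -> Tuple[int, int]:
    filler = never_matching(n_rules)
    late_accept = filler + [ALLOW_SSH]                   # every packet walks the chain
    early_accept = [STATE_FIRST] + filler + [ALLOW_SSH]  # only the NEW packet does
    pkts = flow(n_packets)
    return cost(late_accept, pkts), cost(early_accept, pkts)

if __name__ == "__main__":
    slow, fast = compare()
    print(f"comparisons without early state rule: {slow}")
    print(f"comparisons with early state rule:    {fast}")
```

On a live system the per-rule packet counters shown by `iptables -L -v -n` indicate which rules actually match, which helps decide what belongs near the top of a chain.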


