Re: How many rules were supported iptables?

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M\M이근수 at <-
MMEric Dumazet at ->

Reply to this message
Author: Peter
Date:  
To: 이근수
CC: netfilter-devel
Subject: Re: How many rules were supported iptables?
이근수 wrote:

>Hi All.
>I have a problem that is how many rules were supported iptables.
>The program which I maintain and repair generated iptables rules automatically.
>Now, I encounter this problem.
>Source and destination IP address is written range by user.( ex, 1.1.1.1~1.1.1.10 ) then our program generated 10 IP address(1.1.1.1, 1.1.1.2, 1.1.1.3, … , 1.1.1.10) and make 10 iptables rules.
>Unfortunately, user wrote iptables rules like this, 10,000 rules is generated.
> “ iptalbes –A FORWARD –p tcp –s 1.1.1.1~1.1.1.100 –d 2.2.2.1~2.2.2.100 –j QUEUE”.
>Do 10,000 rules operate safely?? Or Some rules don’t operate normally??
>If some rules don’t operate normally, how many rules iptables does support??
>
>
>
>
It's the 4 MB in total size of rules. (This is the maximum size of a
chunc of data copy from userspace to kernel space in
one syscall)


This message was posted to the following mailing lists:
Netfilter Development
Mailing List Info | Nearby Messages		<-How many rules were supported iptables?Re: How many rules were supported iptables?->
Mailing List Archives by the Free Network Group administrated by Federico Sevilla IIILurker (version 2.1)