[tech] madako and ipsets
Adrian Chadd
adrian at ucc.gu.uwa.edu.au
Sun May 6 20:28:30 WST 2007
On Sun, May 06, 2007, David Adam wrote:
> On Sun, 6 May 2007, Adrian Chadd wrote:
> > There's two things to do:
> >
> > * do proper connection marking, so we can pass established flows
> > without having to re-evaluate every rule again, and
> > * use something like ip sets in iptables to store the set of
> > freenets ips, not linearly evaluated firewall rulesets.
>
> I think you mean three!
>
> * Throw more hardware at the problem
You are a candidate for my O(wtf) T-shirt.
Adrian
More information about the tech
mailing list