Portsentry and too many iptables rules?
James McDonald
james at jamesmcdonald.id.au
Sun Jul 13 00:07:28 PDT 2008
Shawn Tayler wrote:
> Hi Guys,
>
> I've been running portsentry v2.0b1 for many years, since before it was closed
> up. I seem to remember someone spending some time with it, correcting a few
> bugs etc. Is there a newer version out there? If not, are there any issues
> with it, and any replacements you would recommend?
>
> Also, how many is too many iptables drop rules? I currently have somewhere
> around 50,000 and growing, thanks in part to portsentry. Is there a better
> way to handle large quantities of block and drop rules?
>
> Shawn
>
Wow, 50,000! What would cause you to have that many drop rules?
Wouldn't setting the default policy to DROP be more effective? Or am I
missing why you would have 50k rules?
iptables -P INPUT|OUTPUT|FORWARD DROP
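As an added example, not part of the thread above: the usual answer to "is there a better way to handle tens of thousands of per-host DROP rules" is to move the addresses out of the rule chain and into a kernel ipset, which is a hash lookup rather than a linear walk of 50,000 rules on every packet. The script below (shell, written for this page; the set name "blocklist" and the iptables-save sample are assumptions) pulls the source networks out of unconditional `-s X -j DROP` rules in iptables-save output, deduplicates them, and emits an `ipset restore` file, so the whole chain can be replaced by a single `-m set` rule. Rules that also match on protocol or port are deliberately left alone, because a host-wide set entry would block more than the original rule did.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread: collapse a long chain of
# per-host "-j DROP" rules (as written by tools such as portsentry) into one
# ipset plus one iptables rule. Set name and sample rules are assumptions.

# Constructed sample of iptables-save output: three unconditional host/net
# DROP rules (one duplicated), one ACCEPT, and one DROP that also matches tcp.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 203.0.113.5/32 -j DROP
-A INPUT -s 198.51.100.7/32 -j DROP
-A INPUT -s 203.0.113.5/32 -j DROP
-A INPUT -s 192.0.2.0/24 -j DROP
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -s 203.0.113.9/32 -p tcp -j DROP
COMMIT'

# Read iptables-save text on stdin; print the source of every rule of the
# exact form "-A CHAIN -s ADDR[/LEN] -j DROP", one per line, duplicates removed.
# Rules with extra matches (NF != 6) are skipped on purpose: they are narrower
# than a set entry would be.
extract_drop_sources() {
    awk 'NF == 6 && $1 == "-A" && $3 == "-s" && $5 == "-j" && $6 == "DROP" &&
         $4 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { print $4 }' | sort -u
}

# Read sources on stdin; write an "ipset restore" script to stdout.
# hash:net accepts both single hosts and CIDR prefixes; a trailing /32 is
# stripped so the entries read like plain addresses.
build_ipset_restore() {
    set_name="${1:-blocklist}"
    echo "create $set_name hash:net family inet hashsize 65536 maxelem 262144"
    sed 's#/32$##' | while read -r net; do
        if [ -n "$net" ]; then
            echo "add $set_name $net"
        fi
    done
}

# Commands to load the set and consult it from a single rule. Printed, not
# executed: run them as root on the firewall host once the file is in place.
activation_commands() {
    set_name="${1:-blocklist}"
    cat <<EOF
ipset -exist restore < ${set_name}.ipset
iptables -I INPUT 1 -m set --match-set ${set_name} src -j DROP
EOF
}

# Demo on the constructed sample: the restore file goes to stdout.
printf '%s\n' "$SAMPLE_RULES" | extract_drop_sources | build_ipset_restore blocklist
activation_commands blocklist
```

On a real host, feed `iptables-save` into `extract_drop_sources`, write the result of `build_ipset_restore` to `blocklist.ipset`, run the two activation commands, and only then delete the old per-host rules. Portsentry can keep adding hosts without growing the chain again by pointing its `KILL_ROUTE` at the set, e.g. `/sbin/ipset add blocklist $TARGET$ -exist`, instead of an `iptables -I INPUT -s $TARGET$ -j DROP` command. A default policy of DROP, as suggested above, still makes sense for everything you do not explicitly allow; the set handles the separate problem of a large, growing denylist for hosts that would otherwise reach an allowed port.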
More information about the Linux-users
mailing list