On Tue, 2005-06-07 at 20:54, Niall O Broin wrote:
> You can use iptables to allow access based on addresses or ranges. I'm
> guessing that enough ranges to cover most Irish ISPs would lead to
> quite a few iptables rules. Which brings up a question - how well does
> iptables scale? Will you start to notice slowdowns with 100 rules?
> 1000? 10000? I know that this of course depends on the rules, and on
> the CPU. And in fact, I suppose if your rules are on state new, as mine
> are for ssh, it hardly matters - a further 1 second delay in setting up
> an ssh connection wouldn't be a disaster, generally.
Heres a list of the CIDR blocks in Ireland that's updated every day &
easy to use in a script.
http://www.completewhois.com/statistics/data/ips-bycountry/rirstats/IE-cidr.txt
--
John Reilly <jr at inconspicuous.org>
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
