[tech] madako and ipsets
David Adam
zanchey at ucc.gu.uwa.edu.au
Sun May 6 20:25:47 WST 2007
On Sun, 6 May 2007, Adrian Chadd wrote:
> There's two things to do:
>
> * do proper connection marking, so we can pass established flows
> without having to re-evaluate every rule again, and
> * use something like ip sets in iptables to store the set of
> freenets ips, not linearly evaluated firewall rulesets.
I think you mean three!
* Throw more hardware at the problem
David Adam
zanchey@
More information about the tech
mailing list