On Tue, 2004-10-19 at 19:07 +0200, Martin G.H. Minkler wrote: > The effect certainly is, I was just wondering how the appendage or > insertion of another rule worked 'under the hood'.
AAhhh.... i get it :-) Knowing that to insert an element at the end of a list, in pseudocode: - create_new_element(n) - link_element(list, n) And inserting an element at the beggining of a list: - create_new_element(n) - newlist = create_new_list(number_of_elements(list+1)) - link_element(newlist,n) - copy_elements(newlist,list,1,number_of_elements(n)) So, seems quicker adding at the end of the list :-> > The background to my question is a 1.4MB IP blacklist I have to block. I > traverse so that only incoming NEW from $DEV_INET is passing that chain, > but appending the ruleset (i.e. at boottime) takes roughly 30min. > So I was wondering whether inserting might be quicker :-) Blacklisting from what? All services? Mail? Sometimes it's better a rule from "deny, then allow" then "allow, then deny". Your case may be the example. -- Juan Carlos Inostroza O. Registered Linux User #246002 [EMAIL PROTECTED] - http://www.tux.cl - http://foros.tux.cl Blogging for fun _and_ profit : http://jci.codemonkey.cl "We are just packets in the Internet of Life" -- UserFriendly
