Julian,
I tested your method, result is negative, I see following:
First Console:
root@testbridge:/usr/local/netmap-ipfw/netmap-ipfw/ipfw # more
tab-cont.txt | ./ipfw /dev/stdin
connected to 127.0.0.1:5555
^C
Freeze. Have to interrupt by CTRL-C after 30 sec.
Second Console:
root@testbridge:/usr/local/netmap-ipfw/netmap-ipfw/ipfw # ./ipfw table
10 list
connected to 127.0.0.1:5555
192.168.103.10/32 0
192.168.103.100/32 0
but in tab-cont.txt
more tab-cont.txt | wc -l
11
table 10 add 192.168.103.10
table 10 add 192.168.103.100
table 10 add 192.168.103.101
table 10 add 192.168.103.102
table 10 add 192.168.103.103
table 10 add 192.168.103.104
table 10 add 192.168.103.105
table 10 add 192.168.103.106
table 10 add 192.168.103.107
table 10 add 192.168.103.109
table 10 add 192.168.103.11
If somebody have idea or wants to make tests - I can give ssh access to
my test server :)
Azamat
Elischer писал 2014-12-23 22:14:
On 12/23/14 11:32 PM, i...@aknet.kg wrote:
Eugene,
sure, first we tried was a method with file.
But after first 2-3 rules (table 10 add xxx.xxx.xxx.xxx) it hangs
and we loose console interaction.
(the last FreeBSD-Stable 10.1)
It needs to open new console and kill a process ./ipfw
/usr/local/.../rules.txt
And ./ipfw table 10 list shows only 2-3 new rules from any (20 or
15K in file)
May be this case (placing many enties into tables) was not tested by
developers?
I haven't used the file, but I have piped the commands into ipfw..
myscript | ipfw /dev/stdin
where "myscript" outputs all the commands derived from my
configuration.
(actually myscript was a python program when I worked for cisco)
Azamat
Eugene Grosbein писал 2014-12-23 20:30:
On 23.12.2014 20:02, IT Department, AkNet ISP wrote:
Hello to All
Can anybody tell, how to fill a table with large number of entries
?
Sure, It can be done by standard method by ./ipfw table 10 add
xxx.xxx.xxx.xxx in a script, but each entry takes couple of
seconds to
be placed into a table:
./ipfw table 10 add 192.168.10.50
connected to 127.0.0.1:5555
And takes many hours to do all job.
May be there is a way to open a socket and place a bulk commands,
for
example:
telnet localhost 5555
table 10 add xxx.xxx.xxx.xxx
But it doesn't work as written above.
May be Senior Luigi can explane how to do such work as fast as it
done by ordinary ipfw ?
/sbin/ipfw can take full pathname of text file containing list of
commands like:
table 10 add x.x.x.x
table 10 add x.x.x.y
...
So, it parses them all and executes at once. Read man ipfw,
section:
LIST OF RULES AND PREPROCESSING
Eugene Grosbein
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to
"freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
