On Wed, Aug 12, 2020 at 03:00:03PM +0200, Martin Sukany wrote: > Hi, > > as the tables are stored in RAM anyway during thee processing it’s > moreless matter of how fast are your DIMMs / CPU. I’m usually work > with several tables with cca 30 K records - no impact on the > performance so far.
So, for as long as the table(s) do not spill out of cpu's cache, it is going to be a not so huge problem. If you run memtest, the difference between various caches is big, but cache vs ram is huge. Is there a way to have listing of offending IPs and perhaps grouping them into /nn subnets - other than writing oneself the script? Something as easy as awk might suffice, I guess - and then instead of five rules, just one rule for a subnet. If IPs are close enough to form a subnet (now, what is "close enough", there might be interesting problem). Of course, this way, some IPs will be excluded even if they did nothing wrong (yet). Another nice thing to have might be a utility which looks for rules and disables those which did not fired up during last x seconds (by looking up through firewall logs, perhaps). I have no idea if there is such utility and am not sure how to look it up. -- Regards, Tomasz Rola -- ** A C programmer asked whether computer had Buddha's nature. ** ** As the answer, master did "rm -rif" on the programmer's home ** ** directory. And then the C programmer became enlightened... ** ** ** ** Tomasz Rola mailto:tomasz_r...@bigfoot.com **
