iptables out of memory?

Alan Johnson alan at datdec.com
Thu Jan 22 17:19:14 EST 2009


I'm using a simple `iptables -A INPUT -s $ipa -j DROP` in a script to block
known spammers that show up in my mail log.  I created a separate script to
purge out some older offenders but I broke it (now fixed) and at about 123K
blocked IPAs, I get "iptables: Memory allocation problem" messages until I
remove some of them.

Is iptables really limited to that many records or something?  Can I tweak
that somewhere?  The machine has plenty of RAM free.

Is there a way to specify multiple IPAs on a single rule?  I tried a comma
list, but no love.

Is there a more efficient way to add and remove records than a separate call
to iptables for each IPA?

Thanks!

__________________
Alan Johnson
alan at datdec.com


More information about the gnhlug-discuss mailing list