PF Tables par a fi cea mai buna idee:
http://cvs.openbsd.org/faq/pf/tables.html
"A table is used to hold a group of IPv4 and/or IPv6 addresses. Lookups
against a table are very fast and consume less memory and processor time
than lists. For this reason, a table is ideal for holding a large group
of addresses as the lookup time on a table holding 50,000 addresses is
only slightly more than for one holding 50 addresses."
Mda...cam la asta ma gandeam si eu. O intrebare totusi, cum
integrez lista de subneturi in regulile de firewall (am o lista cu
subnetu-rile de la rds si e destul de lunga)? un exemplu, ceva.
Exemplele pe care le-am gasit nu tratau astfel de probleme. :(
--
Claudiu Dragalina-Paraipan
e-mail: dr.clau-aaj5L+LQ+kOvSplVBqRQBQ@xxxxxxxxxxxxxxxx
| 