Any limit to number of iptables rules?
Anyone know if there is a limit to the number of iptables rules we can put into the linode UML kernel before SomethingBad happens?
Maybe something to consider?
I needed to block these bot requests and still have my Apache up and running, so I started to dynamically block them through iptables. At the end of the first 24 hours I was already blocking over 22'000 distinct IPs. I had to upgrade my Linode with 90 extra MB of RAM (from a Linode 360), but everything else was fine!
After a week I had already blocked over 53'000 different IPs. Everything ran like a charm and I was still able to keep Apache running until eventually the bots stopped trying…
By the way, I flushed the tables once a week, just in case.
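As an added example of the dynamic blocking described in the post above (this is not the poster's own script), the following POSIX shell script picks out clients that repeatedly hit Apache with 404s, adds one DROP rule per distinct IP to a dedicated iptables chain, and flushes that chain on a schedule. Deduplicating first is what keeps the rule count at the number of distinct offenders rather than the number of requests. The chain name BOTBLOCK, the cron line and the log lines are constructed for this example; DRY_RUN=1 (the default) only prints the iptables commands so it runs without root.

```shell
#!/bin/sh
# Added example, not the poster's script: find clients that hammer Apache with
# 404s, block each distinct IP once in a dedicated iptables chain, and flush
# that chain on a schedule. DRY_RUN=1 (the default) only prints the iptables
# commands so it runs without root; DRY_RUN=0 applies them. The chain name and
# the log lines below are constructed for this example.

CHAIN="${CHAIN:-BOTBLOCK}"
DRY_RUN="${DRY_RUN:-1}"

# Constructed Apache common-log-format lines (field 1 = client, field 9 = status).
SAMPLE_LOG='203.0.113.5 - - [10/Oct/2000:13:55:36 -0700] "GET /phpmyadmin/ HTTP/1.1" 404 0
198.51.100.7 - - [10/Oct/2000:13:55:37 -0700] "GET /index.html HTTP/1.1" 200 512
203.0.113.5 - - [10/Oct/2000:13:55:38 -0700] "GET /pma/ HTTP/1.1" 404 0
192.0.2.9 - - [10/Oct/2000:13:55:39 -0700] "GET /admin/ HTTP/1.1" 404 0
198.51.100.7 - - [10/Oct/2000:13:55:40 -0700] "GET /about.html HTTP/1.1" 200 300'

# Run an iptables command, or just print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

# Distinct client IPs with at least $2 responses of status 404 in log text $1.
# Deduplicating here keeps the rule count equal to the number of distinct
# offenders, not the number of requests they made.
offending_ips() {
    printf '%s\n' "$1" | awk -v min="$2" '$9 == 404 { n[$1]++ }
        END { for (ip in n) if (n[ip] >= min) print ip }' | sort
}

# Create the chain and hook it into INPUT; both steps are idempotent, so the
# script can be re-run from cron without stacking duplicate jumps.
setup_chain() {
    run -N "$CHAIN" 2>/dev/null || true
    if [ "$DRY_RUN" = 1 ] || ! iptables -C INPUT -j "$CHAIN" 2>/dev/null; then
        run -I INPUT -j "$CHAIN"
    fi
}

# Append a DROP rule for $1 unless an identical one already exists (iptables -C).
block_ip() {
    if [ "$DRY_RUN" = 0 ] && iptables -C "$CHAIN" -s "$1" -j DROP 2>/dev/null; then
        return 0
    fi
    run -A "$CHAIN" -s "$1" -j DROP
}

# Block every offender in log text $1 that reached the 404 threshold $2.
block_offenders() {
    offending_ips "$1" "$2" | while read -r ip; do
        block_ip "$ip"
    done
}

# Periodic flush (the poster's weekly "just in case"): empties only this chain,
# so unrelated INPUT rules are untouched.
# Assumed cron entry: 0 4 * * 0 DRY_RUN=0 /usr/local/sbin/botblock.sh flush
flush_blocks() {
    run -F "$CHAIN"
}

# Current number of DROP rules in the chain (reports 0 in dry-run mode).
rule_count() {
    if [ "$DRY_RUN" = 1 ]; then echo 0; return 0; fi
    iptables -S "$CHAIN" | grep -c -- '^-A' || true
}

case "${1:-block}" in
    block) setup_chain; block_offenders "$SAMPLE_LOG" 1 ;;
    flush) flush_blocks ;;
esac
```

Run it with no arguments to see the commands it would issue for the sample log; feed it a real access log by replacing SAMPLE_LOG with `$(cat /var/log/apache2/access.log)` (path assumed) and set DRY_RUN=0 to apply. With one rule per address, memory and lookup time grow linearly with the number of distinct offenders, which is the cost the poster saw when the list passed 22'000 entries; rule_count after each run shows how far that growth has gone.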
> After a week I had already blocked over 53'000 different IPs.

I suppose my 500 (577 now) is nothing to worry about then.
I appreciate all the other suggestions, but so far I'm not terribly worried about the security of the system. I think I'm going to hold out on port 22 until I see a more viable threat.
Besides, it is kinda cool to get a list of somebody's botnet.