[ previous ] [ next ] [ threads ]
 
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] adding large number of country IPs to monowall
 Date:  Mon, 20 Apr 2009 09:17:31 -0500
Gil Vidals wrote:
> I'm brand new to m0n0wall. I've been reading the documentation and forums to
> learn about m0n0wall. My commercial firewall (Sonicwall) only allows me to
> add 100 rules; however, I need to add about 2,000 CIDR ranges
> (XX.XX.XX.XX/YY).

There is no way to combine those more?

> I plan on creating the XML entries using a perl script to generate the 2,000
> rules. Then I would copy and paste the rules into m0n0wall's config.xml
> file.
> 
> 1) Is this a reasonable approach?
> 
> 2) How can I estimate the amount of RAM required to hold 2,000 rules?
> 
> 3) Has anyone done this.

Reasonable, yes.  But possible?  The question is, "Can it fit in ram?" 
and "Can it fit in the disk image?"  Your config file will be giant, and 
the disk image is not...  The only thing to do is to try with 100, and 
see the difference.  You can check what it does to your disk with the 
hidden status.php page.

			Lee