Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

load ipfw table addresses from file

58 views
Skip to first unread message

Alex Keda

unread,
Apr 9, 2010, 2:57:31 AM4/9/10
to freebsd...@freebsd.org
hi!
is there any plans to implement such opportunities?
for large files (we have 60k lines) it's very slow work

srv1# sh -E
# wc -l /root/scripts/db/table.25.txt
61073 /root/scripts/db/table.25.txt
# date && for i in `cat /root/scripts/db/table.25.txt`; do ipfw table 25
add $i; done && date
пятница, 9 апреля 2010 г. 10:42:01 (MSD)
пятница, 9 апреля 2010 г. 10:52:43 (MSD)
#
it took more than 10 minutes on busy server =(

Hizel Ildar

unread,
Apr 9, 2010, 3:14:12 AM4/9/10
to freebsd...@freebsd.org
В Fri, 09 Apr 2010 10:57:31 +0400
Alex Keda <ad...@lissyara.su> пишет:

> _______________________________________________
> freebsd...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to
> "freebsd-curre...@freebsd.org"
>

my variant:

se@serv4 ~ >wc -l ip2.txt
65536 ip2.txt
se@serv4 ~ >sudo ipfw table 25 flush
se@serv4 ~ >sudo time ipfw /home/se/ip2.txt
0.94 real 0.54 user 0.39 sys
se@serv4 ~ >sudo ipfw table 25 list | wc -l
65536

but file like:
table 25 add 192.168.0.36
table 25 add 192.168.0.37
table 25 add 192.168.0.38
table 25 add 192.168.0.39
table 25 add 192.168.0.40
table 25 add 192.168.0.41
table 25 add 192.168.0.42

Alex Keda

unread,
Apr 9, 2010, 4:02:51 AM4/9/10
to freebsd...@freebsd.org
09.04.2010 11:14, Hizel Ildar пишет:

> В Fri, 09 Apr 2010 10:57:31 +0400
> Alex Keda<ad...@lissyara.su> пишет:
>
>
>> hi!
>> is there any plans to implement such opportunities?
>> for large files (we have 60k lines) it's very slow work
>>
>> srv1# sh -E
>> # wc -l /root/scripts/db/table.25.txt
>> 61073 /root/scripts/db/table.25.txt
>> # date&& for i in `cat /root/scripts/db/table.25.txt`; do ipfw table
>> 25 add $i; done&& date

>> пятница, 9 апреля 2010 г. 10:42:01 (MSD)
>> пятница, 9 апреля 2010 г. 10:52:43 (MSD)
>> #
>> it took more than 10 minutes on busy server =(
>> _______________________________________________
>> freebsd...@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-current
>> To unsubscribe, send any mail to
>> "freebsd-curre...@freebsd.org"
>>
>>
> my variant:
>
> se@serv4 ~>wc -l ip2.txt
> 65536 ip2.txt
> se@serv4 ~>sudo ipfw table 25 flush
> se@serv4 ~>sudo time ipfw /home/se/ip2.txt
> 0.94 real 0.54 user 0.39 sys
> se@serv4 ~>sudo ipfw table 25 list | wc -l
> 65536
>
> but file like:
> table 25 add 192.168.0.36
> table 25 add 192.168.0.37
> table 25 add 192.168.0.38
>
thanks, it is faster, but - this is a crutch =)

Julian Elischer

unread,
Apr 9, 2010, 4:06:46 AM4/9/10
to Alex Keda, freebsd...@freebsd.org
On 4/9/10 1:02 AM, Alex Keda wrote:
> 09.04.2010 11:14, Hizel Ildar пишет:

>>> # wc -l /root/scripts/db/table.25.txt


>>> 61073 /root/scripts/db/table.25.txt
>>> # date&& for i in `cat /root/scripts/db/table.25.txt`; do ipfw table
>>> 25 add $i; done&& date
>>> пятница, 9 апреля 2010 г. 10:42:01 (MSD)
>>> пятница, 9 апреля 2010 г. 10:52:43 (MSD)
>>> #
>>> it took more than 10 minutes on busy server =(
>>> _______________________________________________

[...]

>> but file like:
>> table 25 add 192.168.0.36
>> table 25 add 192.168.0.37
>> table 25 add 192.168.0.38
> thanks, it is faster, but - this is a crutch =)

yes but it is a crutch that is 600 times faster.

Ivan Voras

unread,
Apr 9, 2010, 5:25:46 AM4/9/10
to freebsd...@freebsd.org

I've never used the feature but ipfw has "-p preprocessor" argument
which looks like it might be used to process the file containing raw IP
addresses with a simple script that appends "table 25 add" to each
address before returning it to ipfw.

0 new messages