Re: [Shorewall-users] shorewall restart / compile.pl speed...

helloo Tuomo, --- Mitten drin statt nur Datei! Am 2020-11-20 15:30, schrieb Tuomo Soini: On Fri, 20 Nov 2020 13:25:20 +0100 Marko Horn via Shorewall-users wrote: i changed to "ipset". i did 2 ipsets, blacklisting & whitelisting, these ipsets i reference in blrules. now, shorewall restart

Re: [Shorewall-users] shorewall restart / compile.pl speed...

On Fri, 20 Nov 2020 13:25:20 +0100 Marko Horn via Shorewall-users wrote: > i changed to "ipset". > i did 2 ipsets, blacklisting & whitelisting, these ipsets i > reference in blrules. > now, shorewall restart & check runs in seconds! > the ipsets i update once a day. Remember to set

Re: [Shorewall-users] shorewall restart / compile.pl speed...

Ahoi!, --- Mitten drin statt nur Datei! Am 2020-11-18 19:32, schrieb Tuomo Soini: On Wed, 18 Nov 2020 18:34:39 +0100 Marko Horn via Shorewall-users wrote: do you know about a step by step guide for "ipset shorewall guide"? https://shorewall.org/blacklisting_support.htm#idm79 i changed

Re: [Shorewall-users] shorewall restart / compile.pl speed...

On Wed, 18 Nov 2020 18:34:39 +0100 Marko Horn via Shorewall-users wrote: > do you know about a step by step guide for "ipset shorewall guide"? https://shorewall.org/blacklisting_support.htm#idm79 -- Tuomo Soini Foobar Linux services +358 40 5240030 Foobar Oy

Re: [Shorewall-users] shorewall restart / compile.pl speed...

hello Tuomo, --- Mitten drin statt nur Datei! Am 2020-11-17 15:30, schrieb Tuomo Soini: On Tue, 17 Nov 2020 15:13:51 +0100 Marko Horn via Shorewall-users wrote: >>> hello list, >>> i use shorewall with large blrules that got updated once a day. Using blrules is bad idea if you have large

Re: [Shorewall-users] shorewall restart / compile.pl speed...

Also note that rule set optimization was speeded up by an order of magnitude in Shorewall 5.2.4. Tom On November 17, 2020, at 6:56 AM, Tuomo Soini wrote: On Tue, 17 Nov 2020 15:13:51 +0100 Marko Horn via Shorewall-users wrote: > >>> hello list, > >>> i use shorewall with large blrules that

Re: [Shorewall-users] shorewall restart / compile.pl speed...

On Tue, 17 Nov 2020 15:13:51 +0100 Marko Horn via Shorewall-users wrote: > >>> hello list, > >>> i use shorewall with large blrules that got updated once a day. Using blrules is bad idea if you have large set of blacklist entries. Consider switching to ipset for blacklisting. You don't even

Re: [Shorewall-users] shorewall restart / compile.pl speed...

Hi, --- Mitten drin statt nur Datei! Am 2020-11-16 14:45, schrieb Matt Darfeuille: On 11/16/2020 2:09 PM, Matt Darfeuille wrote: On 11/16/2020 12:03 PM, Marko Horn via Shorewall-users wrote: hello list, i use shorewall with large blrules that got updated once a day. on 'shorewall restart'

Re: [Shorewall-users] shorewall restart / compile.pl speed...

On 11/16/2020 2:09 PM, Matt Darfeuille wrote: > On 11/16/2020 12:03 PM, Marko Horn via Shorewall-users wrote: >> >> hello list, >> i use shorewall with large blrules that got updated once a day. >> on 'shorewall restart' it take ages that optimizing ruleset & co got ready. >> i see 'comile.pl'

Re: [Shorewall-users] shorewall restart / compile.pl speed...

On 11/16/2020 12:03 PM, Marko Horn via Shorewall-users wrote: > > hello list, > i use shorewall with large blrules that got updated once a day. > on 'shorewall restart' it take ages that optimizing ruleset & co got ready. > i see 'comile.pl' uses just "1" core on the system. > > is it possible

[Shorewall-users] shorewall restart / compile.pl speed...

hello list, i use shorewall with large blrules that got updated once a day. on 'shorewall restart' it take ages that optimizing ruleset & co got ready. i see 'comile.pl' uses just "1" core on the system. is it possible to make compile.pl use every core from cpu? best regards marko --