ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

IPSET / Faststart

https://mail.forum.configserver.com/viewtopic.php?t=8808

Page 1 of 1

IPSET / Faststart

Posted: 07 Jul 2015, 09:19
by cmodijk
Currently CSF is using separate calls to support ipset and with a big list of blocked ip-adresses (25000) this takes a long time to add al of them to ipset.

Before the CSF ipset support we where using our own implementation of ipset and we are using the restore method of ipset to import the list very fast. What you do is create a file with al of the add calls like this.

File ipset.records:

Code: Select all

add -exist list_name 1.2.3.5
add -exist list_name 1.2.3.4
add -exist list_name 1.2.3.7
And then restore the rules like this

Code: Select all

ipset restore -! < ipset.records
I think this could be a huge preformance boost for csf with ipset when Faststart is enabled.

Re: IPSET / Faststart

Posted: 07 Jul 2015, 10:07
by ForumAdmin
Thank you for the suggestion. We will look into implementing this in the next major release - we do already use ipset restore for some functionality but not part of FASTSTART.

Re: IPSET / Faststart

Posted: 13 Jul 2015, 17:15
by ForumAdmin
This has been implemented in csf v8.00:
http://blog.configserver.com/

Re: IPSET / Faststart

Posted: 28 Jul 2015, 07:26
by cmodijk
Cool tnx!
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited