PDA

Bekijk de volledige versie : PeerGuard



barsju
11-02-2005, 15:31
Hi, I got a tip from a friend about peerguard. As far as I understand it drops packets from a list of blocked ip address series that have been proven to belong to goverment agencies and other P2P unfriendly organisations. So I was thinking of running this on my wl500g. They have a linux distro, but it has some requirements like lynx and netip.. But I was thinking that it can't really be that hard to implement. Basically all I need is a script that downloads and unzips the block-list (wget), and then pumps the ip addresses into iptables.

I am however a bit concerned about the size of the block list. One of them is about 2,5MB.. That makes a hell of a big iptable.. Will the router have enough ram to manage that? And will it affect performance? Is there another way to implement this? If its to much for my router I guess I'll have to install it on my clients instead..

Sjur

gilsas
15-02-2005, 20:25
The block list size might not be the biggest issue ... I guess that dynamically filtering IPs in a such big list would require a lot of CPU power ... not even sure that the R3000-like CPU is capable of doing that without implying a dramatic performance loss.

A good idea anyway, deserve giving a try :)