shishcat | 2 years ago

I remember having a friend with an extremely sluggish server. Turns out the reason behind this sluggishness was that he set a permanent fail2ban bantime, which added thousands of records to iptables; any packet, even not SSH, the server had to check the source IP against thousands of records. After purging the rules and switching the bantime the server was usable again.

pepa65|2 years ago

This should happen in-kernel and is lightning-fast, so should not be an issue. Maybe a pre-netfilter box..?

72deluxe|2 years ago

Big iptables lists are indeed incredibly slow; use ipset for large lists instead.
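
An added example, not part of any comment above: a small converter that turns per-address ban rules from `iptables-save` output into `ipset restore` input, so thousands of sequentially evaluated rules become one hash lookup. The chain name `f2b-sshd`, the set name and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `iptables-save` output: one rule per banned address,
# the layout that grows without bound under a permanent bantime.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:f2b-sshd - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A f2b-sshd -s 203.0.113.5/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 203.0.113.5/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -s 192.0.2.77/32 -j REJECT --reject-with icmp-port-unreachable
-A f2b-sshd -j RETURN
COMMIT
EOF
}

# rules_to_ipset CHAIN SETNAME
# Reads iptables-save text on stdin and writes `ipset restore` input:
# one `create` line, then one `add` line per unique source address in CHAIN.
rules_to_ipset() {
    chain=$1
    setname=$2
    printf 'create %s hash:ip family inet\n' "$setname"
    awk -v chain="$chain" -v setname="$setname" '
        # Match only single-source rules appended to the ban chain.
        $1 == "-A" && $2 == chain && $3 == "-s" {
            ip = $4
            sub(/\/32$/, "", ip)          # hash:ip stores bare host addresses
            if (!(ip in seen)) {          # duplicates would make `ipset restore` fail
                seen[ip] = 1
                printf "add %s %s\n", setname, ip
            }
        }'
}

# Typical use on a real host (requires root, shown as comments only):
#   iptables-save | rules_to_ipset f2b-sshd f2b-sshd | ipset restore
#   iptables -F f2b-sshd
#   iptables -A f2b-sshd -m set --match-set f2b-sshd src -j REJECT
#   iptables -A f2b-sshd -j RETURN
```

fail2ban also ships ipset-based ban actions (for example `banaction = iptables-ipset-proto6`), which maintain such a set directly instead of adding one rule per address.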