[solved] Firewall max destinations in block list

If I were to add , lets say 7000 entries of the type

list dest_ip n.n.n.0/n

to a config rule could I expect my router to

A) work fine
B)work but spend most of its cpu checking the above rule
C)melt down and turn into a molten pile of plastic and metal

Thanks :}

I'm not sure but what about doing it in DNSMasq? I have hundreds of thousands in my blocklist and time is always zero and barely registers on the CPU.

I have a dual core 1ghz with plenty of RAM so your results may vary.

consider creating an ipset or nft set, depending on version of OpenWrt and then creating a firewall rule to target said ipset/nft set.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.