APF& numiptent

**thecoalman** · 06-11-2011, 06:49 AM

I'm hitting the limit on numiptent and it's currently at 1500. Before I open a ticket requesting it be raised I want to make sure I need it raised.

As far as I can tell APF loads this list of IP's: http://www.spamhaus.org/drop/drop.lasso

There's about 462 listed there and if I look at .ipt chains which as far as I can tell is the compiled rules that section looks like this as sample:

Code:

Chain SDROP (2 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       all  --  *      *       109.196.140.0/24     0.0.0.0/0           
2        0     0 DROP       all  --  *      *       0.0.0.0/0            109.196.140.0/24

I'm assuming each IP accounts for 2 against the numiptent limit? Is that correct?

The amount of IP's being blocked has slowly grown over time and this seems to be the only source I can find for the increase. I'm using BFD but as far as I can tell deny.hosts is purged of older entries occasionally.

**JPC-Masood** · 06-13-2011, 07:47 AM

Originally Posted by thecoalman

Before I open a ticket requesting it be raised I want to make sure I need it raised.

Yes it needs to be raised. I would recommend that you clear up old blocks after a month or two to keep your blocks current.

**thecoalman** · 06-14-2011, 04:26 PM

....and the tech says it's "a *very* high number already".

Let me get back to my original question:

I'm assuming each IP accounts for 2 against the numiptent limit? Is that correct?

I'll note I realize these are ranges. Is my assumption correct? Is it necessary?

Because if it is then the only way to alleviate this is to stop using the spamhaus block list because that is what is driving the high numbers as far as I can tell.

**JPC-Bilal** · 06-14-2011, 08:23 PM

Hi thecoalman,

Yes, usually each IP rule actually accounts for 2 numiptent limit. Please provide us the ticket number in which you contacted technical support so that we can raise the limit of NumIPTent for you.

Secondly, APF blocks ranges of IPs that are marked as abusers or spammers but each IP range is accounts for only one or two 'numiptent' limit. Though these ranges can be released if required. Thank you.

For further assistance please update your ticket.

**thecoalman** · 06-15-2011, 06:35 AM

Thanks, I'll just post link to this thread in the ticket.

LinkBack

Thread Tools

Display

APF& numiptent

Bookmarks

Bookmarks

Posting Permissions