Msg#: 4521839 posted 9:49 pm on Nov 25, 2012 (gmt 0)
deny from 22.214.171.124/22 126.96.36.199/22 188.8.131.52/20 184.108.40.206/16 220.127.116.11/24
Well, ###. Yet another thing I didn't realize you could do.
Does this format run faster than one deny per line, as in
deny from 18.104.22.168/22 deny from 22.214.171.124/22 deny from 126.96.36.199/20 deny from 188.8.131.52/16 deny from 184.108.40.206/24
Incidentally, I've got 220.127.116.11/14 as a single block. Did I miss a bit of Australia hiding in the middle? Also 18.104.22.168/18 as a country unit (not necessarily all the same ISP). But I don't pay much attention to Indonesia.
Msg#: 4521839 posted 12:13 am on Nov 26, 2012 (gmt 0)
No, using a command for every IP is not as fast as grouping many IPs on a line for 2 reasons:
1.) takes extra bytes for the "deny from" code.
2.) each line is read per command. Starting a new command for each IP is more processing.
I start a new line for each A class just as a management technique, CIDRs separated by a single space. Example: deny from 22.214.171.124/13 126.96.36.199/15 deny from 188.8.131.52/16 184.108.40.206/32 220.127.116.11/23 deny from 18.104.22.168/16 deny from 22.214.171.124/23 deny from 126.96.36.199/12 deny from 188.8.131.52/8 deny from 184.108.40.206/16 220.127.116.11/14 deny from 18.104.22.168/22 22.214.171.124/24 126.96.36.199/24 188.8.131.52/24 deny from 184.108.40.206/24 220.127.116.11/24 18.104.22.168/24 22.214.171.124/17 126.96.36.199/18 188.8.131.52/28 184.108.40.206/29 220.127.116.11/19
Msg#: 4521839 posted 1:39 am on Nov 26, 2012 (gmt 0)
Thank you so much for clarifying,, keyplyr, now I know where I'm heading with the country codes. I had never entered multiple CIDRs in a single line before, didn't know we could do that. It would be dizzying to edit lines that are too long, so I'm adding them in related batches. Unless someday I find out that numerical order is important for performance.