Hello dear all,
please if anybody knows this by chance: How big is the system impact, if I block many different CIDRs (and different subnetlevels), and also a few ASNs, with the CSF firewall (ASNs in CC field, and additional blocklists with CIDRs) ?
Does blocking such big lists translate all of the ranges in single IP-rules, with a lot of system ressource usage ?
Or does a ASN or CIDR entry counts almost same as a single IP rule on system impact? (thinking at RAM, processes, maybe other limits?)
My plan is to block ASNs from OVH and DigitalOcean, and - if generally ASNs have not big impact - then maybe more ASNs from Colocrossing and Amazon. Amazon has big lot of ASNs. And then followed by another lot of IP-ranges from many countries ( with this generator https://www.countryipblocks.net/acl.php )
Thank you!
please if anybody knows this by chance: How big is the system impact, if I block many different CIDRs (and different subnetlevels), and also a few ASNs, with the CSF firewall (ASNs in CC field, and additional blocklists with CIDRs) ?
Does blocking such big lists translate all of the ranges in single IP-rules, with a lot of system ressource usage ?
Or does a ASN or CIDR entry counts almost same as a single IP rule on system impact? (thinking at RAM, processes, maybe other limits?)
My plan is to block ASNs from OVH and DigitalOcean, and - if generally ASNs have not big impact - then maybe more ASNs from Colocrossing and Amazon. Amazon has big lot of ASNs. And then followed by another lot of IP-ranges from many countries ( with this generator https://www.countryipblocks.net/acl.php )
Thank you!
Last edited:
