Iptables: router performance

Original: Iptables – производительность роутера (Russian)

Incorrect iptables settings may cause poor router performance. I'll show you how can you improve iptables performance

Disable connection tracking

The first thing you need to do (if you are not using NAT) is to disable connection tracking in nat table, PREROUTING chain:


Notice that if you have rules with match module, you'll have to change them to avoid match module. Also, all rules using conntrack will stop working.

Place 'hottest' rules to the top

Read more…

Monit: lightweight monitoring solution

Monit is a simple, lightweight, but useful and powerful enough monitoring solution for your servers.

Monit can monitor: * OS processes (presence, resources) * files, directories and file system for changes (mtime, size and checksum changes) * network hosts (ping, TCP connections)

Monit can notify administrator via configurable e-mail messages. It also can automatically restart failed service.

Monit has an embedded web-server which allows to view state on monitoring objects and disable or enable them.

Read more…