[arx] 1388861355 learn Every iptables(1) invocation will download the ruleset from the kernel, perform the modification — in case of -A this is adding just one rule — and upload it back into the kernel. Repeat that n times, and you get a cost factor of O(n^2) to perform n operations. Use iptables-restore(1) for one atomic operation: http://inai.de/documents/Perfect_Ruleset.pdf [arx] 1388861413 forget [arx] 1388861439 learn Every iptables(1) invocation will download the ruleset from the kernel, perform the modification - in case of -A this is adding just one rule - and upload it back into the kernel. Repeat that n times, and you get a cost factor of O(n^2) to perform n operations. Use iptables-restore(1) for one atomic operation: http://inai.de/documents/Perfect_Ruleset.pdf llua 1420956897 forget