I've tried finding some resources to help me on my dilemma, but wasn't successful in my approach. So here goes:
I am implementing an automated firewall manager for Windows Firewall which will ban some offending IP address for a certain port, for a certain period of time, after which the same firewall manager will remove the ban. My trouble is deciding whether I should just stick to creating a new rule for each IP/port pair or create one rule for each port and only edit the IP list to add/remove an IP address. My main consideration would be if one of the approach would yield better performance than the other. It would suit me better to use one rule for each IP/port pair, but I don't mind going for the other approach if it is significantly better.
Thanks!
Aucun commentaire:
Enregistrer un commentaire