Problem description
I am developing an IP filter and was guessing how I could, using any type of esque data structure, develop a VERY efficient and fast BlackList filter.
What I want to do is simple: for every incoming/outgoing connection I have to check in a list of blocked IPs.
The IPs are scattered, and the memory use should be linear (not dependent on the number of blocked list, because I want to use it on limited systems (homebrew routers)).
I have time and could create anything from zero. The difficulty is not important to me. If you can use anything, what should you do?
Recommended answer
One way to improve the performance of such a system is to use a Bloom Filter. This is a probabilistic data structure, taking up very little memory, in which false positives are possible but false negatives are not.
When you want to look up an IP address, you first check in the Bloom Filter. If there's a miss, you can allow the traffic right away. If there's a hit, you need to check your authoritative data structure (e.g. a hash table or prefix tree).
You could also create a small cache of "hits in the Bloom Filter but actually allowed" addresses, that is checked after the Bloom Filter but before the authoritative data structure.
Basically the idea is to speed up the fast path (IP address allowed) at the expense of the slow path (IP address denied).
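The lookup order this answer describes (Bloom filter, then a cache of known false positives, then the authoritative list), sketched in C as an added example that is not part of the original answer. The bit-array size, hash mixer, cache size, the sorted array used as the authoritative structure, and all function names are assumptions; the sample addresses are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define BLOOM_BITS 8192u  /* 1 KiB bit array; all sizes here are assumptions */
#define BLOOM_HASHES 3u
#define FP_CACHE 64u      /* direct-mapped "Bloom hit but allowed" cache */
static uint8_t bloom[BLOOM_BITS / 8], fp_valid[FP_CACHE];
static uint32_t fp_cache[FP_CACHE];
static const uint32_t *deny; static size_t deny_n; /* authoritative sorted IPv4 list */
static unsigned long slow_lookups; /* times the authoritative list was searched */
/* Constructed sample deny list (documentation ranges), sorted ascending. */
static const uint32_t SAMPLE_DENY[] = {0xC000020Au, 0xC6336407u, 0xCB007163u};

/* Seeded 32-bit mixer (murmur3 finalizer) standing in for k hash functions. */
static uint32_t mix(uint32_t x, uint32_t seed) {
    x ^= seed * 0x9e3779b9u;
    x ^= x >> 16; x *= 0x85ebca6bu;
    x ^= x >> 13; x *= 0xc2b2ae35u;
    return x ^ (x >> 16);
}
static int cmp_u32(const void *a, const void *b) {
    uint32_t x = *(const uint32_t *)a, y = *(const uint32_t *)b;
    return (x > y) - (x < y);
}
/* Rebuild the filter; the cache is cleared so no stale "allowed" entry survives. */
void filter_load(const uint32_t *sorted_ips, size_t n) {
    memset(bloom, 0, sizeof bloom);
    memset(fp_valid, 0, sizeof fp_valid);
    deny = sorted_ips; deny_n = n; slow_lookups = 0;
    for (size_t i = 0; i < n; i++)
        for (uint32_t k = 1; k <= BLOOM_HASHES; k++) {
            uint32_t b = mix(sorted_ips[i], k) % BLOOM_BITS;
            bloom[b / 8] |= (uint8_t)(1u << (b % 8));
        }
}
/* Returns 1 if ip is blocked, 0 if allowed. */
int filter_blocked(uint32_t ip) {
    for (uint32_t k = 1; k <= BLOOM_HASHES; k++) {
        uint32_t b = mix(ip, k) % BLOOM_BITS;
        if (!(bloom[b / 8] & (1u << (b % 8)))) return 0; /* miss: not listed */
    }
    uint32_t slot = mix(ip, 0) % FP_CACHE;
    if (fp_valid[slot] && fp_cache[slot] == ip) return 0; /* known false positive */
    slow_lookups++;
    if (bsearch(&ip, deny, deny_n, sizeof ip, cmp_u32)) return 1;
    fp_cache[slot] = ip; fp_valid[slot] = 1;  /* remember the false positive */
    return 0;
}
unsigned long filter_slow_lookups(void) { return slow_lookups; }
```

Calling `filter_load` again whenever the deny list changes matters for correctness: a cached "allowed" entry for an address that has since been blocked would otherwise let it through.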