Re: iptables limit module broken on sparc?
In article <Pine.LNX.4.44.0208151516190.30936-100000@boater.Princeton.EDU>
kmccarty@Princeton.EDU writes:
>iptables -N DROP_AND_LOG
>iptables -A DROP_AND_LOG -p tcp --match limit --limit 3/hour --limit-burst 3 \
> -j LOG --log-level info
># only log TCP since there are so many random UDP packets floating around
>iptables -A DROP_AND_LOG -j DROP

This works for me:

# droplog
iptables -N droplog
iptables -A droplog -m limit --limit 3600/hour --limit-burst 20 -j LOG
iptables -A droplog -j DROP

The important difference appears to be "-m limit" rather than "--match
limit".
--
Blars Blarson blarson@blars.org
http://www.blars.org/blars.html
"Text is a way we cheat time." -- Patrick Nielsen Hayden