Re: The limit module
You probably want to use the "--limit-burst" option. "man iptables" will
help to find out what it does.
By the way, "-s 0/0" is exactly the same as not specifying the source
address at all.
Then try to floodping your machine (ping -f $YOURIP) and see if it
works.
Hope that helped,
Michael.
On Wed, 2002-10-23 at 05:52, iruum0lap@yahoo.co.uk wrote:
> Hei
>
> Put the following rule in a fw. I thought that it would work so that only 3 logs per
> minute would be made of ping requests.
>
> # log and accept ping requests
> $IPT -A INPUT -p icmp -s 0/0 --icmp-type 8 -m limit --limit 3/minute -j LOG --log-prefix "ping"
> $IPT -A INPUT -p icmp -s 0/0 --icmp-type 8 -j ACCEPT
>
> Doesn't seem to work that way. Seems that all ping requests are logged - a bit
> irritating as I have a friend who often leaves ping running and goes and
> does other stuff when he is testing the connection to this machine and the
> logs get even more boring to read than normal.
>
> Am I missing something?
>
> t.irvine
>
> --
>
> Whoever thinks a faultless piece to see,
> Thinks what ne'er was, nor is, nor ne'er shall be.
>
> Alexander Pope, An Essay On Criticism.
>
>
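How "--limit" and "--limit-burst" interact in the quoted LOG rule, modelled as a token bucket. This is an added example, not part of the thread and not netfilter's code; the default burst of 5 comes from the iptables man page, and the one-ping-per-second traffic is constructed.

```python
# Simplified model of the iptables "limit" match as a token bucket.
# Integer credits avoid float rounding: one match costs 60 credits and
# every elapsed second earns `per_minute` credits.
COST = 60

def limit_matches(arrivals, per_minute, burst=5):
    """Return the arrival times (whole seconds) that the limit match accepts.

    arrivals   -- sorted packet arrival times in seconds (constructed input)
    per_minute -- the N in "--limit N/minute"
    burst      -- "--limit-burst"; iptables uses 5 when the option is omitted
    """
    cap = burst * COST
    credits = cap                      # the bucket starts full
    previous = arrivals[0] if arrivals else 0
    accepted = []
    for now in arrivals:
        # Refill for the time since the last packet, never above the cap.
        credits = min(cap, credits + (now - previous) * per_minute)
        previous = now
        if credits >= COST:            # enough credit: rule matches, LOG fires
            credits -= COST
            accepted.append(now)
        # otherwise the match fails and the packet falls through to ACCEPT
    return accepted

if __name__ == "__main__":
    # Constructed traffic: one echo request per second for two minutes.
    pings = list(range(120))
    for burst in (5, 1):
        logged = limit_matches(pings, per_minute=3, burst=burst)
        print(f"--limit 3/minute --limit-burst {burst}: "
              f"{len(logged)} of {len(pings)} logged at t={logged}")
```

With the default burst the first five requests are all logged before the 3/minute rate takes over; with "--limit-burst 1" only the steady rate remains.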