Re: iptables limit module broken on sparc?

To: debian-sparc@lists.debian.org, kmccarty@Princeton.EDU
Cc:
Subject: Re: iptables limit module broken on sparc?
From: Blars Blarson <blarson@blars.org>
Date: Thu, 15 Aug 2002 17:45:49 -0700
Message-id: <[🔎] 200208160045.g7G0jnjK007491@monkey.nat.blars.org>
In-reply-to: <[🔎] Pine.LNX.4.44.0208151516190.30936-100000@boater.Princeton.EDU>

In article <[🔎] Pine.LNX.4.44.0208151516190.30936-100000@boater.Princeton.EDU> 
kmccarty@Princeton.EDU writes:
>iptables -N DROP_AND_LOG
>iptables -A DROP_AND_LOG -p tcp --match limit --limit 3/hour --limit-burst 3 \
>	-j LOG --log-level info
># only log TCP since there are so many random UDP packets floating around
>iptables -A DROP_AND_LOG -j DROP

This works for me:

# droplog
iptables -N droplog
iptables -A droplog -m limit --limit 3600/hour --limit-burst 20 -j LOG
iptables -A droplog -j DROP

The importent difference appears to be "-m limit" rather than "--match
limit".
-- 
Blars Blarson			blarson@blars.org
				http://www.blars.org/blars.html
"Text is a way we cheat time." -- Patrick Nielsen Hayden

Reply to:

Follow-Ups:
- Re: iptables limit module broken on sparc?
  - From: "Kevin B. McCarty" <kmccarty@Princeton.EDU>

References:
- iptables limit module broken on sparc?
  - From: "Kevin B. McCarty" <kmccarty@Princeton.EDU>

Prev by Date: Re: SS1+: real bad stability after woody-upgrade
Next by Date: Re: dual boot on Ultra SPARC
Previous by thread: iptables limit module broken on sparc?
Next by thread: Re: iptables limit module broken on sparc?
Index(es):
- Date
- Thread