Linode Forum
Linode Community Forums
 Post subject: Dynamic IP Tables
Posted: Sun Nov 16, 2003 10:26 am
Joined: Mon Jun 23, 2003 1:25 pm
Posts: 260
Hi All,

Does anyone know if it is possible, using iptables, to say: if there are more than x ICMP packets in x amount of time, start to block ICMP packets?

Adam


 Post subject: limit module
Posted: Sun Nov 16, 2003 10:47 am
Joined: Mon Sep 08, 2003 4:49 pm
Posts: 62
Location: Bucharest
Yes, there is a module called 'limit' which is documented in the iptables man page.

Quote:
limit
This module matches at a limited rate using a token bucket filter. A rule using this extension will match until
this limit is reached (unless the `!' flag is used). It can be used in combination with the LOG target to give
limited logging, for example.

--limit rate
Maximum average matching rate: specified as a number, with an optional `/second', `/minute', `/hour', or
`/day' suffix; the default is 3/hour.

--limit-burst number
Maximum initial number of packets to match: this number gets recharged by one every time the limit specified
above is not reached, up to this number; the default is 5.
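
An added example, not part of either post: a rule pair that uses the limit match quoted above to block ICMP above a rate. The chain (INPUT), the ICMP type (echo-request), the function name and the sample rate and burst are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Chain (INPUT), ICMP type (echo-request)
# and the sample rate/burst are assumptions chosen for illustration.

# Print the two rules that turn the limit match into "block above a rate".
#   $1 rate:  number with optional /second, /minute, /hour or /day suffix
#   $2 burst: initial number of packets allowed before the rate applies
icmp_limit_rules() {
    il_rate=$1
    il_burst=$2
    printf '%s\n' "$il_rate" |
        grep -Eq '^[1-9][0-9]*(/(second|minute|hour|day))?$' || {
        echo "invalid rate: $il_rate" >&2
        return 1
    }
    printf '%s\n' "$il_burst" | grep -Eq '^[1-9][0-9]*$' || {
        echo "invalid burst: $il_burst" >&2
        return 1
    }
    il_match='-p icmp --icmp-type echo-request'
    # Rule 1 matches only while tokens remain in the bucket, so packets
    # within the limit are accepted here.
    echo "iptables -A INPUT $il_match -m limit --limit $il_rate --limit-burst $il_burst -j ACCEPT"
    # Rule 2 catches what rule 1 stopped matching. Without it, packets over
    # the limit fall through to later rules or the chain policy.
    echo "iptables -A INPUT $il_match -j DROP"
}

# Dry run with constructed values: print the rules instead of applying them.
icmp_limit_rules 1/second 5
```

The printed commands need root to apply. The bucket is shared by every sender that matches the rule, so one noisy source can use up the allowance for all of them.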

