Blame extensions/libxt_limit.man
|
Packit Service |
d1fe03 |
This module matches at a limited rate using a token bucket filter.
|
|
Packit Service |
d1fe03 |
A rule using this extension will match until this limit is reached.
|
|
Packit Service |
d1fe03 |
It can be used in combination with the
|
|
Packit Service |
d1fe03 |
.B LOG
|
|
Packit Service |
d1fe03 |
target to give limited logging, for example.
|
|
Packit Service |
d1fe03 |
.PP
|
|
Packit Service |
d1fe03 |
xt_limit has no negation support - you will have to use \-m hashlimit !
|
|
Packit Service |
d1fe03 |
\-\-hashlimit \fIrate\fP in this case whilst omitting \-\-hashlimit\-mode.
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-limit\fP \fIrate\fP[\fB/second\fP|\fB/minute\fP|\fB/hour\fP|\fB/day\fP]
|
|
Packit Service |
d1fe03 |
Maximum average matching rate: specified as a number, with an optional
|
|
Packit Service |
d1fe03 |
`/second', `/minute', `/hour', or `/day' suffix; the default is
|
|
Packit Service |
d1fe03 |
3/hour.
|
|
Packit Service |
d1fe03 |
.TP
|
|
Packit Service |
d1fe03 |
\fB\-\-limit\-burst\fP \fInumber\fP
|
|
Packit Service |
d1fe03 |
Maximum initial number of packets to match: this number gets
|
|
Packit Service |
d1fe03 |
recharged by one every time the limit specified above is not reached,
|
|
Packit Service |
d1fe03 |
up to this number; the default is 5.
|