diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2013-08-02 07:59:50 +0300 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2013-08-02 08:01:00 +0300 |
| commit | d83414351779f7b3201e36d294d8d15b17d0ebda (patch) | |
| tree | 54fa02844d91ed7376c6f879c1368bfaec6e8f43 /main/awall | |
| parent | d29a66e06d0cf83c9f3f3e01d8b4cf15f1b0d6a6 (diff) | |
| download | aports-d83414351779f7b3201e36d294d8d15b17d0ebda.tar.bz2 aports-d83414351779f7b3201e36d294d8d15b17d0ebda.tar.xz | |
main/awall: use hashlimit for hihgrate flow- and conn-limits
Patch from Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Diffstat (limited to 'main/awall')
| -rw-r--r-- | main/awall/APKBUILD | 14 | ||||
| -rw-r--r-- | main/awall/use-hashlimit.patch | 14 |
2 files changed, 23 insertions, 5 deletions
diff --git a/main/awall/APKBUILD b/main/awall/APKBUILD index b29e3fc3d3..8526b4b3d0 100644 --- a/main/awall/APKBUILD +++ b/main/awall/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> pkgname=awall pkgver=0.3.1 -pkgrel=0 +pkgrel=1 pkgdesc="Alpine Wall" url=http://git.alpinelinux.org/cgit/awall/ arch=noarch @@ -10,7 +10,8 @@ license=GPL-2 replaces="awall-nat" depends="bind-tools ip6tables ipset iptables lua lua-alt-getopt lua-filesystem lua-json4 lua-pc lua-signal lua-sleep lua-stringy xtables-addons" subpackages=$pkgname-masquerade -source="http://dev.alpinelinux.org/archive/awall/awall-${pkgver}.tar.bz2" +source="http://dev.alpinelinux.org/archive/awall/awall-${pkgver}.tar.bz2 + use-hashlimit.patch" _builddir=$srcdir/awall-${pkgver} @@ -42,6 +43,9 @@ masquerade() { done } -md5sums="b0547d6c2a90515b0fd66b3b9cf80ad6 awall-0.3.1.tar.bz2" -sha256sums="7780a298b2f09ec959974e5f6fc5c64c196aa8c33b2bc0135a15dcfcb315cacb awall-0.3.1.tar.bz2" -sha512sums="5e4e150812899dd47ff607e5701e59fa17b4889c4dd2f60df864d3f831d28f89ac277789e7de6bb70a1578723f7e8782a3fccb3a645aeec35a013b8e62c01880 awall-0.3.1.tar.bz2" +md5sums="b0547d6c2a90515b0fd66b3b9cf80ad6 awall-0.3.1.tar.bz2 +502dfb94d8211304c3f119aa4e0005f3 use-hashlimit.patch" +sha256sums="7780a298b2f09ec959974e5f6fc5c64c196aa8c33b2bc0135a15dcfcb315cacb awall-0.3.1.tar.bz2 +26da6858a9a583bdc280e2c42522607f2d449228e9e7a13fe6635522180cfa45 use-hashlimit.patch" +sha512sums="5e4e150812899dd47ff607e5701e59fa17b4889c4dd2f60df864d3f831d28f89ac277789e7de6bb70a1578723f7e8782a3fccb3a645aeec35a013b8e62c01880 awall-0.3.1.tar.bz2 +542d0bd3eb6a8e336460c2cca56b01c4c2d3ea2ce92f975429bd22078882caad3404e915fd48d2cb311caa585002b484311b0f2bff032494f1efe26cb7756ebe use-hashlimit.patch" diff --git a/main/awall/use-hashlimit.patch b/main/awall/use-hashlimit.patch new file mode 100644 index 0000000000..e8d768d39c --- /dev/null +++ b/main/awall/use-hashlimit.patch @@ -0,0 +1,14 @@ +diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua +index f01b586..d21b79e 100644 +--- a/awall/modules/filter.lua ++++ b/awall/modules/filter.lua +@@ -212,7 +212,7 @@ function Filter:extraoptfrags() + if count > RECENT_MAX_COUNT then + ofrags = { + { +- opts='-m limit --limit '..count..'/second', ++ opts='-m hashlimit --hashlimit-upto '..count..'/second --hashlimit-mode srcip --hashlimit-name '..chain, + target=logchain(self.log, 'accept', 'ACCEPT') + }, + {target='DROP'} + |