blob: e7767b91d7e8a5307b94c17aa61cdf29bd996a84 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
From 085e778404e3058cc2b803d4d0fbd106abad8bd0 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Fri, 2 Aug 2013 12:31:12 +0300
Subject: [PATCH] limit packet/connection rate per source IP
---
awall/modules/filter.lua | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua
index f01b586..d21b79e 100644
--- a/awall/modules/filter.lua
+++ b/awall/modules/filter.lua
@@ -212,7 +212,7 @@ function Filter:extraoptfrags()
if count > RECENT_MAX_COUNT then
ofrags = {
{
- opts='-m limit --limit '..count..'/second',
+ opts='-m hashlimit --hashlimit-upto '..count..'/second --hashlimit-mode srcip --hashlimit-name '..chain,
target=logchain(self.log, 'accept', 'ACCEPT')
},
{target='DROP'}
--
1.8.3.3
|