diff options
| -rw-r--r-- | awall/model.lua | 10 | ||||
| -rw-r--r-- | awall/modules/filter.lua | 15 |
2 files changed, 11 insertions, 14 deletions
diff --git a/awall/model.lua b/awall/model.lua index c261c51..50e1fe4 100644 --- a/awall/model.lua +++ b/awall/model.lua @@ -591,7 +591,7 @@ end function M.Limit:rate() return math.ceil(self.count / self.interval) end -function M.Limit:recentopts() +function M.Limit:recentopts(name) local count = self.count local interval = self.interval @@ -600,9 +600,11 @@ function M.Limit:recentopts() interval = 1 end - if count <= RECENT_MAX_COUNT then - return '--update --hitcount '..count..' --seconds '..interval - end + if count > RECENT_MAX_COUNT then return end + + local rec = '-m recent --name '..name + return rec..' --update --hitcount '..count..' --seconds '..interval, + rec..' --set' end function M.Limit:limitofrags(name) diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua index 31ae700..d28a658 100644 --- a/awall/modules/filter.lua +++ b/awall/modules/filter.lua @@ -244,21 +244,16 @@ function Filter:extraoptfrags() local logch, limitofs local accept = self:position() == 'append' - local recentopts = limitobj:recentopts() + local uopts, sopts = limitobj:recentopts(limitchain) - if recentopts then + if uopts then ofrags, logch = self:logchain(limitlog, 'drop', 'DROP') - limitofs = combinations( - {{opts='-m recent --name '..limitchain}}, - { - {opts=recentopts, target=logch}, - {opts='--set', target=accept and 'ACCEPT' or nil} - } - ) + limitofs = {{opts=uopts, target=logch}} if accept and self.log then - table.insert(limitofs, 2, self.log:optfrag()) + table.insert(limitofs, self.log:optfrag()) end + table.insert(limitofs, {opts=sopts, target=accept and 'ACCEPT' or nil}) else if accept then |