In article <[EMAIL PROTECTED]> 
[EMAIL PROTECTED] writes:
>iptables -N DROP_AND_LOG
>iptables -A DROP_AND_LOG -p tcp --match limit --limit 3/hour --limit-burst 3 \
>       -j LOG --log-level info
># only log TCP since there are so many random UDP packets floating around
>iptables -A DROP_AND_LOG -j DROP

This works for me:

# droplog
iptables -N droplog
iptables -A droplog -m limit --limit 3600/hour --limit-burst 20 -j LOG
iptables -A droplog -j DROP

The important difference appears to be "-m limit" rather than "--match
limit".
-- 
Blars Blarson                   [EMAIL PROTECTED]
                                http://www.blars.org/blars.html
"Text is a way we cheat time." -- Patrick Nielsen Hayden
