2002-04-12 13:55:46+0000, Tomas Edwardsson <[EMAIL PROTECTED]> -> > I have been told that this is the intended behaviour of netfilter but > I still need to fix it and I am wondering if someone has a patch > or can point me in the general direction on how to change the behaviour > explained in this mail. >
[snip problem] Yes this is a know problem. There exists even mroe problem with the current limit as well. I have a new limit which can do much more AND saves the state between reloads of rules. It first version but was just stresstested on a test-router pushing 130K pps on a test SMP-machine with a i820 chipset (which everyone knows sucks badly on routing but was all that was left for testing purpose). Thanks to Martin Josefsson for help me with this test. The code i wrote seams to have handed out very well. Its fast. No bugs where found. Download it at http://www.dtek.chalmers.se/~d97gozem/hashslot_superlimit.tar.bz2 Apply the hashslot first since superlimit depends on that module. A second version is coming soon. I have found one bug that it will initialize the memory the hashtable should use even if we aren't going to use that part. Minor bug and wont crash your computer. Second i have had help with some spelling misstakes. One more feature may be added, namly that we stop ALL traffic when we go over our limit, for anti DoS. Stay put :-) Also a bug in the Makefile, not appling clean on 2.4.19-pre -- /Joakim Axelsson A.K.A Gozem@EFnet & OPN
