Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
---
doc/payload-expression.txt | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/doc/payload-expression.txt b/doc/payload-expression.txt
index a2284ce8c3d9..eb98e5d7898c 100644
--- a/doc/payload-expression.txt
+++ b/doc/payload-expression.txt
@@ -619,5 +619,13 @@ integer (64 bit)
|zone|
conntrack zone |
integer (16 bit)
+|count|
+count number of connections
+integer (32 bit)
|==========================================
A description of conntrack-specific types listed above can be found
sub-section CONNTRACK TYPES above.
+
+.restrict the number of parallel connections to a server
+--------------------
+filter input tcp dport 22 meter test { ip saddr ct count over 2 } reject
+--------------------
--
2.11.0
