Le 20/09/2016 à 10:13, Pablo Neira Ayuso a écrit :
On Fri, Sep 16, 2016 at 06:50:22PM +0200, Christophe Leroy wrote:
Hi
I tried to limit ping flooding by setting the following rule:
nft add rule filter input icmp type echo-request limit rate 10/second accept
This is matching packets under
On Fri, Sep 16, 2016 at 06:50:22PM +0200, Christophe Leroy wrote:
> Hi
>
> I tried to limit ping flooding by setting the following rule:
>
> nft add rule filter input icmp type echo-request limit rate 10/second accept
This is matching packets under the rate, so packets under the rate are
accepte
Hi
I tried to limit ping flooding by setting the following rule:
nft add rule filter input icmp type echo-request limit rate 10/second accept
But it doesn't work, I can still ping flood the target.
What I see is that nft_limit_pkts_eval() is called only once at the
begining of the flood.
After