Karsten Bräckelmann wrote: > On Sun, 2009-04-12 at 12:12 -0700, Tom Eastep wrote: >> Karsten Bräckelmann wrote: >>> On Tue, 2009-04-07 at 09:12 -0700, Tom Eastep wrote: > >>>> ACCEPT net fw tcp 22 - - s:ssh:3/min >>>> >>>> This will limit SSH connections from net->fw to 3 per minute. >>> Sweet! So this effectively supersedes the Limit [1] action? >>> >>> I assume it also uses the recent match -- does it actually generate the >>> same iptables rules? >> It uses hashlimit. > > Ah, you got me there -- could you elaborate? Does it actually supersede > the Limit action? >
Well, I'm not going to remove the Limit action, if that's what you are asking. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
