Thank you! you are really great. I m sure I m getting make u bored with my questions due to being a newbie in iptables tool, but I wonder whether it could be done on a determined IP address or a port such as 80, instead of icmp packets? Thanks, FD On 6/24/05, Dmytro O. Redchuk <dor@xxxxxxx> wrote: > On Fri, Jun 24, 2005 at 01:40:50PM +0300, Fatih D?zova wrote: > > Thank you for the suggestion you gave. > > Could you give me a simple example of "iptables ... --match random > > --average <percent> ..." ?, because I could not understand how to > > implement it.. > > Thank you, > Mmmm... Let me try... > > Oh sorry... My distro lacks libipt_random.so %) > > Anyway I would try something like: > > # iptables -A INPUT --match random --average 10 \ > --protocol icmp --icmp-type echo-reply -j DROP > > or > > # iptables -A OUTPUT --match random --average 10 \ > --protocol icmp --icmp-type echo-request -j DROP > > > ... to achieve 10% drop of echo replies for local machine. > > > > Sorry, I must submit a bug to bugzilla :-) see you.. > > > > > FD > > -- > _,-=._ /|_/| > `-.} `=._,.-=-._., @ @._, > `._ _,-. ) _,.-' > ` G.m-"^m`m' Dmytro O. Redchuk > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
