On Thursday 2010-08-19 21:21, Mistick Levi wrote: >Hi, >thanks for the quick reply. > >Could you point a few links with more information? for example what >modules update internal state and why the evaluation order is >important? xt_hashlimit.ko xt_limit.ko xt_quota.ko xt_recent.ko xt_statistic.ko >and why does it matter which match evaluate first when the issue here >is with deletion of a rule... could you give a few examples? -m statistic --mode nth --every 10 -m limit --limit 1/s -j FOO vs -m limit --limit 1/s -m statistic --mode nth --every 10 -j FOO First one looks at every 10th packet and of those FOOs only 1 per second. Second one looks at one packet every second and then FOOS every 10th of them. Big difference. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
