Re: What is the limitation of iptables's limit option?

One more question related to this.
Can we limit the no. of ICMP packets per IP address?
Or shall it limit the total no. of ICMP packets from all the source IPs?


 

*********** REPLY SEPARATOR  ***********

On 9/26/2003 at 6:52 AM Wu Nick wrote:

>Hi guys,
>
> I had added a rule to my Linux box to prevent "Ping flooding".
> Actually, I limit ICMP packets to be accepted 253 times at maximum
> within a second by the limit extension option. The rules look like this:
> "iptables -A INPUT -p icmp -m limit --limit 253/s -j ACCEPT"
> "iptables -A INPUT -p icmp -j DROP"
> But when I use a packet generator with a sniffer to test this function, it
> doesn't always work. If I send each ICMP packet with a 10 millisecond
> delay within a second, it works fine, but when I do this with each
> packet having less than a 10 millisecond delay within a second, it seems
> to crash (only a few packets match the first rule,
> others are matched by the second rule). It seems that the limit module
> can only see a packet every 10 milliseconds. Any ideas?
>
>Any comments will be very appreciated!
>
>Nick Wu
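
A simplified token-bucket model of the two questions in this thread, added here as an example and not part of the original messages or of netfilter's code. It uses the 253/s rate from the quoted rule and iptables' default `--limit-burst` of 5, and compares one bucket per rule (how `-m limit` counts) with one bucket per source address (what the separate `hashlimit` match provides); the addresses, traffic and all Python names are constructed, and kernel timer granularity is not modelled.

```python
from collections import Counter

US = 1_000_000  # microseconds per second; one credit = US micro-credits

class TokenBucket:
    """Simplified model of the documented `-m limit` behaviour: at most
    `burst` credits, recharged at `rate` per second, one credit per match.
    Integer microsecond clock; kernel timer granularity is not modelled."""
    def __init__(self, rate, burst=5):   # 5 is iptables' default --limit-burst
        self.rate, self.cap = rate, burst * US
        self.credit, self.last = self.cap, 0

    def allow(self, now_us):
        self.credit = min(self.cap, self.credit + (now_us - self.last) * self.rate)
        self.last = now_us
        if self.credit >= US:
            self.credit -= US
            return True          # rule matches -> ACCEPT
        return False             # falls through to the DROP rule

def accepted(packets, rate, burst=5, per_source=False):
    """Count accepted packets per source. packets: (time_us, src) tuples.
    per_source=False: one bucket for the whole rule (plain `limit`).
    per_source=True: one bucket per source address (hashlimit-style)."""
    buckets, counts = {}, Counter()
    for t_us, src in sorted(packets):
        key = src if per_source else "*"
        if key not in buckets:
            buckets[key] = TokenBucket(rate, burst)
        if buckets[key].allow(t_us):
            counts[src] += 1
    return counts

def stream(src, n, gap_us, start_us=0):
    """Constructed traffic: n packets from src, gap_us apart."""
    return [(start_us + i * gap_us, src) for i in range(n)]

# Constructed sample input (documentation addresses, not real hosts)
NOISY, QUIET = "192.0.2.1", "192.0.2.2"
slow = stream(NOISY, 100, 10_000)    # 10 ms spacing
fast = stream(NOISY, 253, 1_000)     # 1 ms spacing
mixed = stream(NOISY, 1000, 1_000) + stream(QUIET, 9, 100_000, start_us=100_000)

if __name__ == "__main__":
    print("10 ms spacing:", accepted(slow, 253)[NOISY], "of 100 accepted")
    print(" 1 ms spacing:", accepted(fast, 253)[NOISY], "of 253 accepted")
    print("global bucket:", dict(accepted(mixed, 253)))
    print("per source   :", dict(accepted(mixed, 253, per_source=True)))
```

In this model the single bucket accepts every packet at 10 ms spacing but only the initial burst plus the refill at 1 ms spacing, and a second source sending while the first one floods gets nothing through. With one bucket per source the second sender's packets are all accepted.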





