suppose a limit for pings with limit=1/s and limit burst=5 first 5 pings will pass, then, if you have a 2s timeout with the ping, youll get 3 of 5 pings this is first you need to "full" the burst counter, then if no activity is received the burst will start to decrease until a new unit could match. did you saw this? http://www.netfilter.org/documentation/HOWTO//packet-filtering-HOWTO-7.html#ss7.3 ----- Original Message ----- From: "Michael Klinteberg" <micke@xxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Sunday, February 01, 2004 6:12 PM Subject: Please explain the limit match > I have read the man page over and over again for the iptables limit > match. Don't quite understad the --limit and --limit-burst. > > Can anyone please give me some easy LOGing examples with diffrent > time-intervalls. > > -- > Thank you > Michael K > >
