On Wed, 2005-03-23 at 03:21, ASHISH wrote: > The rule that you have mentioned will "Accept" the first five matches. to split hairs here--the way the OP has the rule written: iptables -A INPUT -i eth0 -m limit --limit 5/m --limit-burst 5 -j ACCEPT it will actually accept the first 10 packets, the limit of 5 + the burst of 5--then the limit will enforce for 5 minutes. -j -- "Have you ever been in a police car? Not in the front..." --The Simpsons
