> >iptables -A INPUT -p icmp --icmp-type echo-reply -j >ACCEPT >iptables -A INPUT -p icmp --icmp-type echo-request \ > -m limit --limit 1/s -i eth0 -j ACCEPT Try -m limit --limit 1/s --limit-burst 1 >iptables -A INPUT -p tcp --syn -m limit --limit 1/s -i >eth0 -j ACCEPT > >This should limit echo-requestes on one per second on >comp_B. >Then I opened 4 consoles on comp_A and issued ping >192.168.1.20 on all of them, and I got response for >every icmp packet. > >Should above rules block all icpm requests, and accept >only one per second? > >Did I forgot something? There is no any other iptables >rules on comp_B. > >Thanks in advance. > >Regards > > >__________________________________________________ >Do You Yahoo!? >Tired of spam? Yahoo! Mail has the best spam protection around >http://mail.yahoo.com > Jan Engelhardt --
