On Thursday 2008-05-22 17:16, Akhil Sharma wrote:
>Question: in ipt_recent, if a client is added to a hitlist
>(/proc/net/ipt_recent/hitlist) after having violated a rule of sending
>over 10 packets in a minute, how long is the entry maintained in the
>list? Does it ever get removed from the hitlist? Instead, would it just
>track the last time the packets arrived and never get removed from the
>hitlist until the PC is rebooted?

The list keeps a number of timestamps the client last sent a packet
(at least it seems so); when a new timestamp is added to the head of
the list, one gets evicted at the tail if the list has already reached
its maximum length.

Whether or not a packet subsequently matches the rule depends not on
the number of timestamp values recorded, but on the parameter you
specified in your rule (--seconds, etc.).
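The behaviour described in the reply above, as an added example that is not part of the original message and is not the kernel's ipt_recent code: a simplified userspace model of one hitlist entry, showing that the entry stays stored while the rule stops matching once the timestamps fall outside the `--seconds` window. The struct, function names and `MAX_STAMPS` value are assumptions made for the illustration; `hitcount` stands for the `--hitcount` rule option.

```c
#include <stdio.h>

/* Simplified model of one hitlist entry; not the kernel's code.
 * MAX_STAMPS is an assumed list length chosen for this example. */
#define MAX_STAMPS 20

struct entry {
    unsigned long stamps[MAX_STAMPS]; /* ring buffer of arrival times (s) */
    unsigned int  next;               /* slot the next timestamp goes into */
    unsigned int  count;              /* slots in use, capped at MAX_STAMPS */
};

/* Record a packet: once the buffer is full, the oldest stamp is overwritten. */
static void entry_update(struct entry *e, unsigned long now)
{
    e->stamps[e->next] = now;
    e->next = (e->next + 1) % MAX_STAMPS;
    if (e->count < MAX_STAMPS)
        e->count++;
}

/* Number of recorded timestamps that fall within the last `seconds`. */
static unsigned int entry_hits(const struct entry *e, unsigned long now,
                               unsigned long seconds)
{
    unsigned int i, hits = 0;
    for (i = 0; i < e->count; i++)
        if (now - e->stamps[i] <= seconds)
            hits++;
    return hits;
}

/* Rule decision: match only if enough timestamps are inside the window. */
static int entry_matches(const struct entry *e, unsigned long now,
                         unsigned long seconds, unsigned int hitcount)
{
    return entry_hits(e, now, seconds) >= hitcount;
}

/* Constructed sample traffic: n packets, one per second, from `start`. */
static struct entry burst(unsigned long start, unsigned int n)
{
    struct entry e = {0};
    unsigned int i;
    for (i = 0; i < n; i++)
        entry_update(&e, start + i);
    return e;
}

int main(void)
{
    struct entry e = burst(1000, 30);
    printf("stored=%u match@1030=%d match@1200=%d\n", e.count,
           entry_matches(&e, 1030, 60, 10), entry_matches(&e, 1200, 60, 10));
    return 0;
}
```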