I'm setting up a firewall on an embedded Linux router/firewall with limited (well, relatively) log space. I'd like to limit the firewall logging for dropped packets to 1 packet per minute per destination IP address. I can easily limit the logging to 1 per minute using

    iptables -A LOGDROP -m limit --limit 1/min --limit-burst 1 -j LOG --log-prefix "FW-DROP" --log-level warn

What I can't see an easy way to do is limit logging based on destination IP address... iplimit is more about limiting connections by address rather than throttling the logging back, and works on concurrent connections, not the number of connections in a given time period.

If I can easily limit logging by destination IP address and a time period then fine, otherwise I'll just limit logging to a time period. (Note: the destination IP address is unknown, so it's in effect something akin to pool-based matching, but I don't know the number of pools I'd need...)

--
Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
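One way to get the per-destination throttle the post asks for, as an added example that is not part of the original message: the hashlimit match keeps one token bucket per destination address, so the log rate is capped per host without knowing the hosts in advance. It assumes iptables built with hashlimit and LOG support (older releases spell --hashlimit-upto as --hashlimit), the chain name LOGDROP from the post, and a hash-table size chosen here for a small router.

```shell
#!/bin/sh
# Added example, not the poster's configuration. Emits a LOGDROP chain in
# iptables-restore format: one LOG line per minute per destination IP via
# hashlimit, then DROP. The global 1/min rule from the post is kept only as
# a comment for comparison; it cannot show which hosts are being hit.

# Print the filter-table fragment on stdout. $1 = per-destination rate
# (default 1/min). Table size and expiry are assumptions for a small device.
logdrop_rules() {
    per_dst_rate="${1:-1/min}"
    cat <<EOF
*filter
:LOGDROP - [0:0]
# Global throttle from the original post (disabled here):
# -A LOGDROP -m limit --limit 1/min --limit-burst 1 -j LOG --log-prefix "FW-DROP " --log-level warn
# Per-destination throttle: one bucket per dst IP, ${per_dst_rate} with burst 1.
# htable-max caps memory at 4096 tracked addresses; idle entries expire after 60s.
-A LOGDROP -m hashlimit --hashlimit-name fwdrop --hashlimit-mode dstip --hashlimit-upto ${per_dst_rate} --hashlimit-burst 1 --hashlimit-htable-max 4096 --hashlimit-htable-expire 60000 -j LOG --log-prefix "FW-DROP " --log-level warn
-A LOGDROP -j DROP
COMMIT
EOF
}

# Sanity check: number of active (uncommented) LOG rules in the fragment.
count_log_rules() {
    logdrop_rules "$1" | grep -v '^#' | grep -c -- '-j LOG'
}

# On the router, load without flushing other chains (-n = --noflush):
#   logdrop_rules 1/min | iptables-restore -n
# Current bucket state can be inspected in /proc/net/ipt_hashlimit/fwdrop.
```

When the table fills (htable-max reached), hashlimit stops creating new entries, so packets to addresses beyond the cap are not logged; size the table for the address range the device actually serves.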