hi all
i just setup the hashlimit for SIP REGISTER on iptables and the rule is:
-A INPUT -p udp -i eth0 --dport 5060 -m hashlimit --hashlimit 1/minute
--hashlimit-burst 2 --hashlimit-mode srcip,srcport --hashlimit-name "cucku" -m
string --string "REGISTER sip:" --algo bm --to 80 -j ACCEPT
so from my understand the IPTABLES will let 2 REGSITER packets per minute
so when i use the xlite to send the RESGISTER message , the first REGISTER
packet is accepted but the seconds REGISTER packet is blocked by iptables
[root@centos ~]# uname -a
Linux centos 2.6.18-128.el5PAE #1 SMP Wed Jan 21 11:19:46 EST 2009 i686 i686
i386 GNU/Linux
i want the iptables just to accept 2 REGISTER packets per minute on per IP
address:port
please help
Thank you
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
