I'm using this ruleon iptables v1.4.7 iptables -A INSYNSRCLIMITER -m hashlimit --hashlimit-htable-expire 10000 --hashlimit-htable-size 8192 --hashlimit-htable-max 8192 --hashlimit-mode srcip --hashlimit-name insynlimiter --hashlimit 1/s --hashlimit-burst 25 -j RETURN while being "synflooded" and I'm seeing a lot of xt_hashlimit: max count of 8192 reached errors logged... really a lot (just to explain how many of those: got a bunch of "net_ratelimit: 42695 callbacks suppressed"logged too...) What does exactly that errors mean? did there was more then 8192 srcip to track and hashlimit went in overflow or am I using --hashlimit-htable-size and --hashlimit-htable-max in the wrong way? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
