On Sunday 2012-12-09 21:05, Darius Jahandarie wrote: >Hi all. I currently have an iptables rule like follows in the raw table: > >-A PREROUTING -p tcp --dport 1234 --syn -m limit --limit 10000/sec >--limit-burst 10000 -j ACCEPT >-A PREROUTING -p tcp --syn -j DROP > >Does anyone have thoughts on a way to get some sort of rate-limiting >(TBF or otherwise) that can handle more PPS than the limit module >while still being as efficient as possible? -j RATEEST, -m rateest -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
