Hi, I'm using nftables "meters" to apply a rate limit by source IP
address with state "new" (ct state new - udp). This would block DoS
attacks, but when it is a spoofed flood (IP addresses of random origin),
thousands of IP addresses are displayed in
"nft list meter filter cnt-meter". How many IPs do "meters" support?
Am I doing the right thing?
I have used "timeout 1s" in the meter.
I await your answer, thank you.
-Renzo cHv, PE.