Darius <dram@xxxxxxxxxxx> wrote:
> I have noted that since nftables v0.9 'connlimit' statement should be supported. I have tried to search in wiki and manpages, but there is still no information on how that statement should be used. Anyone knows a link or have a guide of how to use 'connlimit'?
Something like this should work:
tcp flags & (syn | ack) == syn meter mylimit { ip saddr ct count over 2 } ...
