GM <grzesiek20@xxxxxx> wrote:
> When I include burst in my ruleset it works as expected with burst. I
> simulate this with nmap --bad-sum but when there is no burst e.g. delay
> between packets is 1s
> nmap --bad-sum --scan-delay 1s
> behavior is very strange because it drops 60 packets instead of 30. How to
> explain this?

It first consumes the burst, then the rate. nft limit works like -m limit in iptables.

If you want the '1s delay' case to match on 30 packets, try a burst value of 1.
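
The "burst first, then rate" behaviour described above, as an added example that is not part of the original mail and is not the kernel's nft_limit code: a simplified token-bucket model. The rate of 30/minute, the burst values and the one-packet-per-second arrival pattern are assumptions, since the ruleset is not shown in the thread.

```python
# Simplified token-bucket model of a packet limiter such as
# "limit rate 30/minute burst N packets". This is an illustration,
# not the kernel implementation. All numbers below are assumed values.
from fractions import Fraction


def matched_packets(rate_per_min, burst, arrival_times):
    """Count packets that match the limit expression.

    The bucket starts full with `burst` tokens, refills continuously at
    `rate_per_min` tokens per minute, never holds more than `burst`
    tokens, and every matching packet costs one token.
    arrival_times: packet timestamps in seconds, in ascending order.
    """
    refill_per_sec = Fraction(rate_per_min, 60)
    capacity = Fraction(burst)
    tokens = capacity
    last = None
    matched = 0
    for now in arrival_times:
        if last is not None:
            # Credit the time since the previous packet, capped at the burst.
            tokens = min(capacity, tokens + (now - last) * refill_per_sec)
        last = now
        if tokens >= 1:
            tokens -= 1
            matched += 1
    return matched


if __name__ == "__main__":
    one_per_second = range(60)   # constructed input: 60 packets, 1s apart
    all_at_once = [0] * 60       # constructed input: 60 packets in one burst

    # Burst of 30: the saved-up tokens are spent first while the bucket
    # refills at 0.5 token/s, so nearly every packet in the minute matches.
    print("burst=30, 1s delay:", matched_packets(30, 30, one_per_second))
    # Burst of 1: nothing is saved up, so only the rate is left.
    print("burst=1,  1s delay:", matched_packets(30, 1, one_per_second))
    # A real burst of traffic is capped at the burst size.
    print("burst=30, no delay:", matched_packets(30, 30, all_at_once))
```

In this model the match count for slow traffic is roughly burst plus rate times elapsed time, which is why a large burst value roughly doubles the count over the first minute.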