Re: Can't run meters example - "Could not process rule: Operation not supported"

Oscar Muñoz Garrigós <osmuogar@xxxxxxxxx> wrote:
> Thank you for your fast reply.
> 
> I followed the steps under
> (https://wiki.nftables.org/wiki-nftables/index.php/Building_and_installing_nftables_from_sources)
> / 'Installing Linux kernel with nftables support' / 'Validating your
> installation'.
> 
> The 'lsmod | grep nf_tables' returns:
> 
> nf_tables_netdev       16384  0
> nf_tables_bridge       16384  0
> nf_tables_arp          16384  0
> nf_tables_inet         16384  0
> nf_tables_ipv6         16384  1 nf_tables_inet
> nf_tables_ipv4         16384  4 nf_tables_inet
> nf_tables              90112  13
> nft_chain_route_ipv4,nf_tables_ipv4,nft_ct,nft_set_rbtree,nf_tables_inet,nft_set_bitmap,nf_tables_netdev,nft_counter,nf_tables_bridge,nf_tables_arp,nft_meta,nft_set_hash,nf_tables_ipv6
> nfnetlink              16384  4 nf_conntrack_netlink,nf_tables,nf_tables_netdev

I don't see nft_limit here.

> > > nft add rule my_filter_table my_input_chain tcp dport 22 ct state new
> > > add @my_ssh_meter { ip saddr limit rate 10/second } accept

... but it's needed by this rule.

Check modinfo nft_limit.

You might need to set CONFIG_NFT_LIMIT=m in kernel config.
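
The check suggested in this reply, written out as an added example (not part of the original message or of nftables). The function name `nft_module_state`, the sample lsmod rows and the sample config fragment are constructed for illustration; deriving the config symbol by upper-casing the module name is an assumption that holds for nft_limit / CONFIG_NFT_LIMIT.

```shell
#!/bin/sh
# Added example, not from the thread. All sample data below is constructed.

# Prints loaded | builtin | loadable | missing for module $1,
# given lsmod output in $2 and kernel config text in $3.
nft_module_state() {
    mod=$1
    # Assumption: the config symbol is the upper-cased module name
    # (true for nft_limit -> CONFIG_NFT_LIMIT, the case in this thread).
    opt="CONFIG_$(printf '%s' "$mod" | tr '[:lower:]' '[:upper:]')"

    # 'lsmod | grep nf_tables' hides rows such as nft_limit, so a module
    # counts as loaded if it has its own row OR appears in another
    # module's "Used by" column (field 4, comma-separated).
    if printf '%s\n' "$2" | awk -v m="$mod" '
        $1 == m { hit = 1 }
        { n = split($4, users, ","); for (i = 1; i <= n; i++) if (users[i] == m) hit = 1 }
        END { exit !hit }'; then
        echo loaded
        return 0
    fi

    # Not loaded: see whether the kernel was built with the option at all.
    case $(printf '%s\n' "$3" | grep -E "^${opt}=[ym]$" | head -n 1) in
        *=y) echo builtin ;;
        *=m) echo loadable ;;
        *)   echo missing ;;
    esac
}

# Constructed sample: lsmod rows modelled on the output quoted above.
SAMPLE_LSMOD='nf_tables_ipv4 16384 4 nf_tables_inet
nf_tables 90112 13 nft_ct,nft_set_rbtree,nft_counter,nft_meta,nft_set_hash
nfnetlink 16384 4 nf_conntrack_netlink,nf_tables'

# Constructed sample: kernel config fragment with the limit expression disabled.
SAMPLE_CONFIG='CONFIG_NF_TABLES=m
CONFIG_NFT_CT=m
# CONFIG_NFT_LIMIT is not set'

nft_module_state nft_limit "$SAMPLE_LSMOD" "$SAMPLE_CONFIG"
```

On a live system, pass `"$(lsmod)"` and the running kernel's config text (for example from /proc/config.gz or /boot/config-$(uname -r), where available) instead of the samples.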


