On Wed, Jul 6, 2022 at 11:22 AM Frank Myhr <fmyhr@xxxxxxxxxxx> wrote: > To be clear: you're testing this example ruleset and seeing unlimited > echo requests being allowed in despite the limit rule? > > > > Can you give me a hint why you think ct wouldn't accept it forever > > after the first accept? > > I'm going to have to defer to others with in-depth knowledge of ct. I > suspect that if all of your echo requests come from the same source ip > address, *maybe* the limit is ineffective as you suggest. I'd be very > surprised if echo requests from multiple ip addresses are also immune to > the limit. Yes. I am testing and always and the bug is exposed with a flood ping, for example, so from the same IP. Yes, I agree that this should accept 5 new sources per second, but each can then do unlimited requests. That is why I suggest the wiki to be updated. Thanks