Re: IPtables rate limiting question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dňa 25. októbra 2024 18:12:56 UTC používateľ Kerin Millar <kfm@xxxxxxxxxxxxx> napísal:

>To that end, consider taking advantage of ipsets. Below is a sample ruleset in iptables-save format.
>
>*raw
>:PREROUTING ACCEPT [0:0]
>:OUTPUT ACCEPT [0:0]
>:limitban - [0:0]
>-A PREROUTING ! -i lo -p tcp -m conntrack --ctstate NEW -j limitban

Please will conntrack really works in raw table? I live in that raw table
happens before conntrack...

regards


-- 
Slavko
https://www.slavino.sk/





[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux