On Mon 06/Jan/2025 17:27:44 +0100 potatojuggler wrote:
> /etc/nftables.d/limit-rate.nft
> Contains a set to limit the number of new connections per IP per minute.

I'm still using iptables. It has a handy module named hashlimit. It takes stuff like the following example:
iptables -A connserver -m hashlimit \
    --hashlimit-name firewall \
    --hashlimit-mode srcip \
    --hashlimit-srcmask 32 \
    --hashlimit-upto 500/hour \
    --hashlimit-burst 100 \
    --hashlimit-htable-size 16384 \
    --hashlimit-htable-max 65536 \
    --hashlimit-htable-expire 60000 \
    --hashlimit-htable-gcinterval 2000 \
    -j NFQUEUE

Isn't it available with nft?

Best
Ale
-- 
(sorry for being late...)
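
For comparison, an nftables ruleset that approximates the hashlimit rule above with a dynamic set and a per-element limit. This is an added example, not taken from either poster's configuration. The table name and address family are assumptions; the set and chain names are reused from the iptables command.

```nft
# Added example: nftables counterpart of the hashlimit rule quoted above.
# Assumed: table "filter" in the ip family; "connserver" is a regular chain
# reached by a jump from a base chain, like the iptables user chain.
table ip filter {
    # One element per source address (hashlimit-mode srcip, srcmask 32).
    # size    ~ --hashlimit-htable-max 65536
    # timeout ~ --hashlimit-htable-expire 60000 (milliseconds)
    # There is no direct counterpart for htable-size or htable-gcinterval.
    set firewall {
        type ipv4_addr
        size 65536
        flags dynamic,timeout
        timeout 60s
    }

    chain connserver {
        # "update" creates the element on first sight and refreshes its
        # timeout on every packet, so an entry expires after 60s of idleness.
        # The rule matches while the source stays at or under 500/hour with a
        # burst of 100 packets (hashlimit-upto / hashlimit-burst); matching
        # packets go to the default userspace queue 0, as with -j NFQUEUE.
        update @firewall { ip saddr limit rate 500/hour burst 100 packets } queue
    }
}
```

Packets from a source that exceeds the rate do not match and fall through to the next rule in the chain, as they do with `--hashlimit-upto`. The file can be syntax-checked without loading it using `nft -c -f <file>`.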