[PATCH] trivial connlimit manpage fix
Phil Oester
kernel at linuxace.com
Mon May 29 17:53:36 CEST 2006
As pointed out by Sérgio Luís Martins in bug #475, the
connlimit example is missing a chain.
Phil
-------------- next part --------------
diff -ru ipt-orig/extensions/libipt_connlimit.man ipt-new/extensions/libipt_connlimit.man
--- ipt-orig/extensions/libipt_connlimit.man 2005-03-31 22:54:23.000000000 -0800
+++ ipt-new/extensions/libipt_connlimit.man 2006-05-29 08:50:24.000000000 -0700
@@ -10,10 +10,10 @@
Examples:
.TP
# allow 2 telnet connections per client host
-iptables -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT
+iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 2 -j REJECT
.TP
# you can also match the other way around:
-iptables -p tcp --syn --dport 23 -m connlimit ! --connlimit-above 2 -j ACCEPT
+iptables -A INPUT -p tcp --syn --dport 23 -m connlimit ! --connlimit-above 2 -j ACCEPT
.TP
# limit the nr of parallel http requests to 16 per class C sized \
network (24 bit netmask)
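
Review bot: the third example, whose comment begins in the trailing context ("limit the nr of parallel http requests to 16 per class C sized network"), has its command line outside this hunk, so it is not visible here whether it also lacks a chain. If that line has the same form as the two fixed above, it needs the same `-A INPUT` (or whichever chain applies) so that all three examples in the man page are complete commands. It may also be worth a short note in the man page that INPUT covers traffic addressed to the local host only, since the examples now name a specific chain.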