xt_TARPIT (was: ipt_account / iptables 1.3.8)
jengelh at computergmbh.de
Mon Jul 9 16:11:29 CEST 2007
On Jul 9 2007 15:37, Patrick McHardy wrote:
>> in http://lists.netfilter.org/pipermail/netfilter-devel/2007-June/028366.html
>> there was talk about a revamped xt_TARPIT.
>> Patrick McHardy wrote:
>>>Shouldn't be much work, maybe I'll look into this after finishing
>>>my conntrack hash patches if no one beats me to it.
>> Any progress? Because tarpit is in my series [kernel patch tree] (after
>> connlimit), and I'd hate to do double effort if you already have it.
>No, I couldn't come up with a good way to remove the xrlim abuse yet.
* Check transmit rate limitation for given message.
* The rate information is held in the destination cache now.
* This function is generic and could be used for other purposes
I suppose "other purposes" could mean TCP here.. ;-')
More information about the netfilter-devel