[Bug 523] New: rate problems for rates above 5000 in the limit
module
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Wed Oct 11 21:21:09 CEST 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=523
Summary: rate problems for rates above 5000 in the limit module
Product: iptables
Version: 1.2.11
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P2
Component: iptables
AssignedTo: laforge at netfilter.org
ReportedBy: mfriedel at gmail.com
Tested on 1.3.6 source also.
When trying to use the limit module, specifying a rate above 5000 causes the
limit to become 10000 instead of the rate specified.
Ex:
5000 and below works...
>iptables -A INPUT -m tcp -p tcp --dport 80 -m limit --limit 5000/second
--limit-burst 6000 -j ACCEPT
>iptables -L -n -v
Chain INPUT (policy ACCEPT 2740 packets, 224K bytes)
pkts bytes target prot opt in out source destination
7715 1966K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80 limit: avg 5000/sec burst 6000
--------------------------------------------
Anything above 5000 is always 10000...
>iptables -A INPUT -m tcp -p tcp --dport 80 -m limit --limit 5001/second
--limit-burst 6000 -j ACCEPT
>iptables -L -n -v
Chain INPUT (policy ACCEPT 1195 packets, 94030 bytes)
pkts bytes target prot opt in out source destination
3394 874K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80 limit: avg 10000/sec burst 6000
---------------------------------------------
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the netfilter-buglog
mailing list