[Bug 1467] New: [sets] support adaptive (escalating) rule(s)
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Wed Sep 23 12:13:26 CEST 2020
https://bugzilla.netfilter.org/show_bug.cgi?id=1467
Bug ID: 1467
Summary: [sets] support adaptive (escalating) rule(s)
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: vtolkm at gmail.com
once bug #1466 is sorted consider support for adaptive (escalating) rule(s)
based on element counters, e.g.
* if { saddr counter N } then { set element timeout } multiply by or add
timeout factor (N1)
* if { saddr counter N *|+ N1 } then lookup saddr's cidr in geoip db and update
saddr to cidr range
* if { saddr cidr range counter N } then lookup saddr cidr range in geoip db
and update saddr to ASN
* if { saddr ASN counter N } then lookup ASN in geoip db and update saddr to
ISP's ASN range
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200923/6891826f/attachment.html>
More information about the netfilter-buglog
mailing list