From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Patrick McHardy <kaber@trash.net>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH nf-next 6/6] netfilter: nft_limit: add per-byte limiting
Date: Thu, 6 Aug 2015 11:01:09 +0200 [thread overview]
Message-ID: <20150806090109.GA3843@salvia> (raw)
In-Reply-To: <20150805104353.GA23224@acer.localdomain>
On Wed, Aug 05, 2015 at 12:43:54PM +0200, Patrick McHardy wrote:
> On 05.08, Pablo Neira Ayuso wrote:
> > This patch adds a new NFTA_LIMIT_TYPE netlink attribute to indicate the type of
> > limiting.
> >
> > Contrary to per-packet limiting, the cost is calculated from the packet path
> > since this depends on the packet length.
> >
> > The burst attribute indicates the number of bytes in which the rate can be
> > exceeded.
>
> Thanks Pablo, I appreciate this rework. Just a suggestion, I'd propose to
> use NFT_LIMIT_PKT_LENGTH instead of LIMIT_BYTES. I expect we might want to
> add other limit types like connection rates etc in the future.
Thanks Patrick. I'll rename this to a mixture of both: PKT_BYTES :)
prev parent reply other threads:[~2015-08-06 8:55 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-05 10:38 [PATCH nf-next 1/6] netfilter: nft_limit: rename to nft_limit_pkts Pablo Neira Ayuso
2015-08-05 10:38 ` [PATCH nf-next 2/6] netfilter: nft_limit: convert to token-based limiting at nanosecond granularity Pablo Neira Ayuso
2015-08-05 10:38 ` [PATCH nf-next 3/6] netfilter: nft_limit: factor out shared code with per-byte limiting Pablo Neira Ayuso
2015-08-05 10:38 ` [PATCH nf-next 4/6] netfilter: nft_limit: add burst parameter Pablo Neira Ayuso
2015-08-05 10:38 ` [PATCH nf-next 5/6] netfilter: nft_limit: constant token cost per packet Pablo Neira Ayuso
2015-08-05 10:38 ` [PATCH nf-next 6/6] netfilter: nft_limit: add per-byte limiting Pablo Neira Ayuso
2015-08-05 10:43 ` Patrick McHardy
2015-08-06 9:01 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150806090109.GA3843@salvia \
--to=pablo@netfilter.org \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.