Jorge Agrelo wrote:
> Yes, I want to limit (drop) as soon as we receive more than 1/s packet
> regardless of the source address? Is there any other way to do that without using
> limit match with negation?

AFAIK, there isn't.

>
> Regards
>

The patch below is against ipt_limit.c from 2.6.10. It's *untested* but reflects what I told you. It's just an example of how you can make this module behave the other way around.

(NOTE: ipt_limit.c was written to avoid flooding -j LOG)

HTH,
Samuel