All of lore.kernel.org
 help / color / mirror / Atom feed
* nftables rate limit logging and then drop
@ 2015-12-02 22:43 Robert Sander
  2015-12-09 21:44 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Robert Sander @ 2015-12-02 22:43 UTC (permalink / raw)
  To: netfilter

[-- Attachment #1: Type: text/plain, Size: 576 bytes --]

Hi,

How do I implement something like this in nftables:

iptables -A INPUT -m conntrack --ctstate INVALID -m limit --limit 3/m --limit-burst 5 -j LOG --log-level debug --log-prefix "INVALID DROP: "
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP

Kindest Regards
-- 
Robert Sander
Heinlein Support GmbH
Schwedter Str. 8/9b, 10119 Berlin

http://www.heinlein-support.de

Tel: 030 / 405051-43
Fax: 030 / 405051-19

Zwangsangaben lt. §35a GmbHG: 
HRB 93818 B / Amtsgericht Berlin-Charlottenburg,
Geschäftsführer: Peer Heinlein -- Sitz: Berlin


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-12-09 21:44 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-12-02 22:43 nftables rate limit logging and then drop Robert Sander
2015-12-09 21:44 ` Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.