* ULOG with hashlimit not working as expected
@ 2007-01-25 6:09 Retesh
From: Retesh @ 2007-01-25 6:09 UTC (permalink / raw)
To: netfilter, netfilter-devel
Hi All
I am facing an issue with ULOG along with hashlimit, where hashlimit is
not working as expected.
I have rules as follows:
1. iptables -A INPUT -m set --set SET1 src -m hashlimit --hashlimit 100/s --hashlimit-name foo1 -j ACCEPT
2. iptables -A INPUT -m set --set SET1 src -m hashlimit --hashlimit 200/s --hashlimit-name foo2 -j DROP
3. iptables -A INPUT -m set --set SET1 src -m hashlimit --hashlimit 1/min --hashlimit-name foo3 -j ULOG
4. iptables -A INPUT -m set --set SET1 src -m hashlimit --hashlimit 1/min --hashlimit-name foo4 -j LOG
5. iptables -A INPUT -j DROP
Here I have noticed that the hashlimit of 1/min is not working, even
though the hashlimits of the first two rules are working fine. What is
happening is that I am bombarding the system from a source endpoint in
SET1 at 300/s.
My expectation is that 100 packets will be accepted (1), another 100
will be dropped (2), and all the rest will be dropped with ULOG/LOG
happening once per minute (3,4,5). But ULOG is not happening at 1/min.
What I see is that if, say, I bombard for 90 seconds at the rate of
300/s, 11 ULOG/LOG messages are generated.
Is anyone aware if this is a limitation of hashlimit, or am I missing
something here?
Thanks in advance
With Regards
Retesh Chadha
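The expectation above (one log line per minute) can be checked against a token-bucket model of the chain. The following is an added example, not code from the original post or from the netfilter project. It assumes that each hashlimit rule is an independent token bucket that refills at the configured rate and holds at most --hashlimit-burst tokens (iptables defaults that burst to 5), that ACCEPT and DROP end rule traversal while ULOG and LOG do not, and it feeds the chain a constructed, perfectly evenly spaced stream of 300 packets/s for 90 seconds. The `-m set` source match, the hashlimit mode and the kernel's actual credit accounting are not modelled.

```python
"""Token-bucket model of an iptables chain that uses hashlimit.

Added example, not code from the original post or from the netfilter project.
Assumptions: each hashlimit rule is an independent token bucket that refills at
the configured rate and holds at most --hashlimit-burst tokens (iptables
defaults the burst to 5); ACCEPT and DROP end rule traversal, ULOG and LOG do
not.  The packet stream is constructed: perfectly even spacing at a fixed rate.
Fractions keep the bookkeeping exact.
"""
from dataclasses import dataclass, field
from fractions import Fraction
from typing import List, Optional, Tuple

TERMINATING = {"ACCEPT", "DROP"}


@dataclass
class HashLimit:
    """One hashlimit match: rate in tokens per second, bucket capped at burst."""
    rate: Fraction                 # Fraction(1, 60) models --hashlimit 1/min
    burst: int = 5                 # iptables default --hashlimit-burst
    tokens: Fraction = field(init=False)
    last: Fraction = field(init=False, default=Fraction(0))

    def __post_init__(self) -> None:
        self.tokens = Fraction(self.burst)     # the bucket starts full

    def match(self, now: Fraction) -> bool:
        """Refill for the elapsed time, then spend a token if one is available."""
        self.tokens = min(Fraction(self.burst),
                          self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


@dataclass
class Rule:
    target: str
    limit: Optional[HashLimit] = None   # None models an unconditional "-j DROP"
    hits: int = 0


def run_chain(rules: List[Rule], pps: int, seconds: int) -> List[Tuple[str, int]]:
    """Feed pps packets/s for `seconds` through the chain; return hits per rule."""
    interval = Fraction(1, pps)
    for k in range(pps * seconds):
        now = k * interval
        for rule in rules:
            if rule.limit is not None and not rule.limit.match(now):
                continue                      # over the limit: fall through
            rule.hits += 1
            if rule.target in TERMINATING:
                break                         # ULOG/LOG keep traversing
    return [(r.target, r.hits) for r in rules]


def post_chain() -> List[Rule]:
    """The five rules from the post (the -m set source match is not modelled)."""
    return [
        Rule("ACCEPT", HashLimit(Fraction(100))),
        Rule("DROP", HashLimit(Fraction(200))),
        Rule("ULOG", HashLimit(Fraction(1, 60))),
        Rule("LOG", HashLimit(Fraction(1, 60))),
        Rule("DROP"),
    ]


def log_rules_only() -> List[Rule]:
    """Rules 3 to 5 on their own, so the 1/min limiters see the whole stream."""
    return [
        Rule("ULOG", HashLimit(Fraction(1, 60))),
        Rule("LOG", HashLimit(Fraction(1, 60))),
        Rule("DROP"),
    ]


if __name__ == "__main__":
    for name, chain in (("full chain", post_chain()),
                        ("log rules only", log_rules_only())):
        print(name, run_chain(chain, 300, 90))
```

Two things fall out of the model. First, a 1/min limit with the default burst of 5 matches six packets in 90 seconds (the five-token initial burst plus one refill at the 60 second mark), and because ULOG and LOG are both non-terminating, each log rule matches independently, so the model yields 12 log lines rather than one or two; the 11 observed in the post is close to that but is not reproduced exactly here. Second, with a perfectly uniform 300/s stream the 200/s rule absorbs exactly what the 100/s rule leaves over, so in the idealized full chain nothing reaches the log rules at all; real traffic is never that uniform, which is why `log_rules_only` feeds the log rules directly.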