* regarding limit option and logging
@ 2011-10-11 16:10 Adishesh M
2011-10-12 8:02 ` Michal Kubeček
0 siblings, 1 reply; 2+ messages in thread
From: Adishesh M @ 2011-10-11 16:10 UTC (permalink / raw)
To: netfilter
Hi,
how to control logging rate using "-m limit --limit" combination.
I want to limit the number of packets logged to one packet per second
(1/s). For this I am using below rules and it is not working.
iptables -A INPUT -d 10.255.13.157 -m limit --limit 1/sec -j NFLOG
--nflog-group 1
what value i have to use for --limit and ----limit-burst to get the 1
packets logged per second.
Thanks and regards,
Adishesh
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: regarding limit option and logging
2011-10-11 16:10 regarding limit option and logging Adishesh M
@ 2011-10-12 8:02 ` Michal Kubeček
0 siblings, 0 replies; 2+ messages in thread
From: Michal Kubeček @ 2011-10-12 8:02 UTC (permalink / raw)
To: netfilter
On Tuesday 11 of October 2011, Adishesh M wrote:
>
> I want to limit the number of packets logged to one packet per second
> (1/s). For this I am using below rules and it is not working.
>
> iptables -A INPUT -d 10.255.13.157 -m limit --limit 1/sec -j NFLOG
> --nflog-group 1
What exactly does "is not working" mean? My guess is that iptables
complains about missing --limit-burst value. If you really don't want
more than one message per second, try 1, but for a real-world
configuration I would suggest a bit more.
Michal Kubeèek
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-10-12 8:02 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-10-11 16:10 regarding limit option and logging Adishesh M
2011-10-12 8:02 ` Michal Kubeček
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox