bugzilla-daemon@bugzilla.netfilter.org
2006-Oct-11 21:21 UTC
[Bug 523] New: rate problems for rates above 5000 in the limit module
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=523
Summary: rate problems for rates above 5000 in the limit module
Product: iptables
Version: 1.2.11
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P2
Component: iptables
AssignedTo: laforge@netfilter.org
ReportedBy: mfriedel@gmail.com
Tested on 1.3.6 source also.
When trying to use the limit module, specifying a rate above 5000 causes the
limit to become 10000 instead of the rate specified.
Ex:
5000 and below works...
>iptables -A INPUT -m tcp -p tcp --dport 80 -m limit --limit 5000/second --limit-burst 6000 -j ACCEPT
>iptables -L -n -v
Chain INPUT (policy ACCEPT 2740 packets, 224K bytes)
pkts bytes target prot opt in out source destination
7715 1966K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 limit: avg 5000/sec burst 6000
--------------------------------------------
Anything above 5000 is always 10000...
>iptables -A INPUT -m tcp -p tcp --dport 80 -m limit --limit 5001/second --limit-burst 6000 -j ACCEPT
>iptables -L -n -v
Chain INPUT (policy ACCEPT 1195 packets, 94030 bytes)
pkts bytes target prot opt in out source destination
3394 874K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 limit: avg 10000/sec burst 6000
---------------------------------------------
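Added example (not part of the original report and not iptables source code): a small C model that reproduces the two listings above, assuming the limit rate is stored as an integer packet interval in units of 1/10000 second. The constant LIMIT_SCALE and all function names are hypothetical; the model also shows which other requested rates would be silently loosened under the same assumption.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: the interval between packets is stored in 1/10000 s ticks. */
#define LIMIT_SCALE 10000u

/* Requested packets/second -> stored interval (integer division truncates). */
static uint32_t rate_to_interval(uint32_t pps)
{
    if (pps == 0 || pps > LIMIT_SCALE)
        return 0;                       /* not representable in this model */
    return LIMIT_SCALE / pps;
}

/* Stored interval -> rate that a rule listing would print. */
static uint32_t interval_to_rate(uint32_t interval)
{
    return interval ? LIMIT_SCALE / interval : 0;
}

/* Rate actually in effect after the store/print round trip. */
static uint32_t effective_rate(uint32_t pps)
{
    return interval_to_rate(rate_to_interval(pps));
}

/* 1 if the requested rate survives the round trip unchanged, else 0. */
static int is_exact(uint32_t pps)
{
    return pps != 0 && effective_rate(pps) == pps;
}

int main(void)
{
    /* Constructed sample rates; 5000 and 5001 are the two from the report. */
    const uint32_t requested[] = { 1000, 3000, 3334, 5000, 5001, 7500, 10000 };

    for (size_t i = 0; i < sizeof(requested) / sizeof(requested[0]); i++) {
        uint32_t r = requested[i];
        printf("requested %5u/sec -> interval %u -> effective %5u/sec%s\n",
               (unsigned)r, (unsigned)rate_to_interval(r),
               (unsigned)effective_rate(r),
               is_exact(r) ? "" : "  (looser than requested)");
    }
    return 0;
}
```

Under this model the rounding always errs toward a higher effective rate, so a ruleset audit should compare the rate shown by `iptables -L -n -v` with the rate that was requested.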