Sean Son
2018-Dec-19 17:07 UTC
[CentOS] how to implement rate-limiting measures on interfaces using IPTables?
Hello all I have been tasked to implement rate-limiting measures on interfaces using IPTables in RHEL 7. I know that in order to implement it using FirewallD, I will need to run the following command: firewall-cmd --direct --add-rule ipv4 filter IN_public_allow 0 -p tcp -m limit --limit 25/minute --limit-burst 100 -j ACCEPT How would I do the same using IPtables? Thanks!! Sean
Kenneth Porter
2018-Dec-19 22:56 UTC
[CentOS] how to implement rate-limiting measures on interfaces using IPTables?
--On Wednesday, December 19, 2018 12:07 PM -0500 Sean Son <linuxmailinglistsemail at gmail.com> wrote:> I have been tasked to implement rate-limiting measures on interfaces using > IPTables in RHEL 7. > > I know that in order to implement it using FirewallD, I will need to run > the following command: > > firewall-cmd --direct --add-rule ipv4 filter IN_public_allow 0 -p tcp -m > limit --limit 25/minute --limit-burst 100 -j ACCEPT > > How would I do the same using IPtables?firewalld uses iptables under the hood. So just snoop on what rules firewalld created. Use "iptables-save > /tmp/firewalld-iptables.dump" and inspect the result.