Hi,

I want an iptables rule to match if designated traffic is above x bps or pps. I tried:

iptm="/usr/local/sbin/iptables -t mangle"
$iptm -A PREROUTING -i eth0 -m limit --limit 10000/sec
$iptm -A PREROUTING -i eth0 -m limit ! --limit 10000/sec

The results are:

62992 16M all -- eth0 * 0.0.0.0/0 0.0.0.0/0 limit: avg 10000/sec burst 5
62993 16M all -- eth0 * 0.0.0.0/0 0.0.0.0/0 limit: avg 10000/sec burst 5

Why doesn't the ! argument work? And it is accepted.

C

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

On Tue, 2002-09-17 at 10:29, Ciprian Niculescu wrote:
> Hi,
>
> I want an iptables rule to match if designated traffic is above x bps or
> pps. I tried:
>
> iptm="/usr/local/sbin/iptables -t mangle"
> $iptm -A PREROUTING -i eth0 -m limit --limit 10000/sec
> $iptm -A PREROUTING -i eth0 -m limit ! --limit 10000/sec

You don't have to use the !: if you get to the second rule, it is because you didn't match the first one, so you are over the limit. So you can do:

$iptm -A PREROUTING -i eth0 -m limit --limit 10000/sec -j MYTARGET
$iptm -A PREROUTING -i eth0 -j MYTARGET

--
Éric Leblond
email: eric@regit.org
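
The two-rule pattern from the reply above, written out as an added example that is not part of the original thread: in-rate packets leave a dedicated chain via RETURN, so the next rule only ever sees traffic above the rate. The chain name RATECHK, the mark value 0x1 and the IPT override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. RATECHK, mark 0x1 and IPT are assumptions.
# Set IPT to another command to print the rules instead of installing them.
: "${IPT:=iptables}"

# setup_rate_chain IFACE PPS BURST
# Builds a mangle chain that marks only packets arriving above PPS packets/sec.
setup_rate_chain() {
    iface=$1 pps=$2 burst=$3

    # The limit match cannot express more than 10000/sec; reject bad input early.
    case $pps in
        ''|*[!0-9]*) echo "pps must be an integer" >&2; return 2 ;;
    esac
    if [ "$pps" -lt 1 ] || [ "$pps" -gt 10000 ]; then
        echo "pps must be between 1 and 10000" >&2
        return 2
    fi
    case $burst in
        ''|*[!0-9]*) echo "burst must be an integer" >&2; return 2 ;;
    esac

    $IPT -t mangle -N RATECHK || return 1

    # Rule 1: while tokens remain the packet is within the rate; it consumes
    # a token and RETURN sends it back to PREROUTING, skipping rule 2.
    $IPT -t mangle -A RATECHK -m limit --limit "${pps}/sec" \
        --limit-burst "$burst" -j RETURN || return 1

    # Rule 2: reached only when rule 1 did not match, i.e. over the rate.
    # No "!" is needed; position in the chain does the negation.
    $IPT -t mangle -A RATECHK -j MARK --set-mark 0x1 || return 1

    # Send everything arriving on the interface through the chain.
    $IPT -t mangle -A PREROUTING -i "$iface" -j RATECHK
}

# Typical call (needs root): setup_rate_chain eth0 10000 5
```

The byte and packet counters of the MARK rule in `iptables -t mangle -L RATECHK -v -n` then show only the over-limit traffic, which is what the two identical counters in the question could not separate.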