thr3ads.net - netfilter buglog - [Bug 523] rate problems for rates above 5000 in the limit module [Oct 2006]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon@bugzilla.netfilter.org

2006-Oct-11 23:13 UTC

[Bug 523] rate problems for rates above 5000 in the limit module

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=523





------- Additional Comments From mfriedel@gmail.com  2006-10-11 23:12 MET
-------
I think specifying multiple rate lines will work as a temporary fix...
-A INPUT -m tcp -p tcp --dport 80 -m limit --limit 5000/second --limit-burst
5000 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 80 -m limit --limit 2000/second --limit-burst
2500 -j ACCEPT
-A INPUT -m tcp -p tcp --dport 80 -j REJECT

Looks like the problem may be with storing r->avg as an integer.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

bugzilla-daemon@bugzilla.netfilter.org

2006-Oct-12 06:31 UTC

head link

[Bug 523] rate problems for rates above 5000 in the limit module

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=523


kaber@trash.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED




------- Additional Comments From kaber@trash.net  2006-10-12 06:31 MET
-------> Looks like the problem may be with storing r->avg as an integer.
Indeed. The limit is stored in integer timeunits of 1/10000s. 10000/s => 1,
5000/s => 2, etc. This is really not very clever, unfortunately fixing this
looks hard because we need to preserve compatibility.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

bugzilla-daemon@bugzilla.netfilter.org

2006-Oct-12 06:31 UTC

head link

[Bug 523] rate problems for rates above 5000 in the limit module

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=523


kaber@trash.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED




------- Additional Comments From kaber@trash.net  2006-10-12 06:31 MET
-------> Looks like the problem may be with storing r->avg as an integer.
Indeed. The limit is stored in integer timeunits of 1/10000s. 10000/s => 1,
5000/s => 2, etc. This is really not very clever, unfortunately fixing this
looks hard because we need to preserve compatibility.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.

netfilter buglog - Oct 2006 - [Bug 523] rate problems for rates above 5000 in the limit module

[Bug 523] rate problems for rates above 5000 in the limit module

[Bug 523] rate problems for rates above 5000 in the limit module

[Bug 523] rate problems for rates above 5000 in the limit module