bugzilla-daemon at netfilter.org
2019-Feb-05 21:34 UTC
[Bug 1320] New: iptables hashlimit - problem with traffic limitation
https://bugzilla.netfilter.org/show_bug.cgi?id=1320
Bug ID: 1320
Summary: iptables hashlimit - problem with traffic limitation
Product: iptables
Version: 1.6.x
Hardware: All
OS: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
Component: iptables
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: piotr.lasak at atman.pl
I would like limits traffic between interfaces to 5000 pps and I set rule:
iptables -A FORWARD -i eth1 -o eth2 -m hashlimit --hashlimit-above 5000/sec
--hashlimit-burst 5 --hashlimit-name xx-101-412 -j DROP
But above rule, limitated traffic to max 1255 pps, it shoud be ~5000 pps.
If I set these same rule with option "--hashlimit-burst 50" everything
works
properly.
iptables -A FORWARD -i eth1 -o eth2 -m hashlimit --hashlimit-above 5000/sec
--hashlimit-burst 50 --hashlimit-name xx-101-412 -j DROP
Can you help me with that?
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190205/1ec2eac9/attachment.html>
bugzilla-daemon at netfilter.org
2019-Feb-05 21:35 UTC
[Bug 1320] iptables hashlimit - problem with traffic limitation
https://bugzilla.netfilter.org/show_bug.cgi?id=1320
piotr.lasak at atman.pl changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |piotr.lasak at atman.pl
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190205/23aa9e77/attachment.html>
bugzilla-daemon at netfilter.org
2019-Feb-05 21:36 UTC
[Bug 1320] iptables hashlimit - problem with traffic limitation
https://bugzilla.netfilter.org/show_bug.cgi?id=1320
piotr.lasak at atman.pl changed:
What |Removed |Added
----------------------------------------------------------------------------
Hardware|All |x86_64
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190205/58f03a4e/attachment.html>
bugzilla-daemon at netfilter.org
2019-Feb-05 22:09 UTC
[Bug 1320] iptables hashlimit - problem with traffic limitation
https://bugzilla.netfilter.org/show_bug.cgi?id=1320
piotr.lasak at atman.pl changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20190205/7e3e6311/attachment.html>
Possibly Parallel Threads
- [Bug 1740] New: hashlimit limit: reduction to lowest terms in the output is confusing
- [Bug 1273] New: hashlimit never appears to fail to match under 4.9.x
- [Bug 650] --hashlimit-burst does not update when using --hashlimit-name for a second time
- [Bug 568] New: iptables-save saves option hashlimit-htable-gcinterval with error
- [Bug 1235] New: Error Message "Memory allocation problem" using hashlimit match