Hello, This I will try to keep simple .. Rate limiting packets is a great new feature of 1.4.7 I am asking what would be a good way to use this for preventing DDOS I am getting hammered with ICMP and malformed DNS requests .. (Some things Up Out There) I really don''t want to quit logging these .. But hey I hate parsing repeating crap .. And You Can DDOS a machine with log overload. Anyone know a good guideline for setting the rate burst limits .. Or a good reference I can use to build and test My own ??? Thanks, Lady Linux "No Problems Only Solutions" Francesca C. Smith Lady Linux Internet Services fsmith@ladylinux.com