summaryrefslogtreecommitdiffstats
path: root/extensions/libipt_limit.man
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/libipt_limit.man')
-rw-r--r--extensions/libipt_limit.man15
1 files changed, 15 insertions, 0 deletions
diff --git a/extensions/libipt_limit.man b/extensions/libipt_limit.man
new file mode 100644
index 0000000..84b63d4
--- /dev/null
+++ b/extensions/libipt_limit.man
@@ -0,0 +1,15 @@
+This module matches at a limited rate using a token bucket filter.
+A rule using this extension will match until this limit is reached
+(unless the `!' flag is used). It can be used in combination with the
+.B LOG
+target to give limited logging, for example.
+.TP
+.BI "--limit " "rate"
+Maximum average matching rate: specified as a number, with an optional
+`/second', `/minute', `/hour', or `/day' suffix; the default is
+3/hour.
+.TP
+.BI "--limit-burst " "number"
+Maximum initial number of packets to match: this number gets
+recharged by one every time the limit specified above is not reached,
+up to this number; the default is 5.