diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2009-11-17 23:54:29 +0100 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2009-11-17 23:54:29 +0100 |
| commit | 7573631fa9f6f15b28a13cc5d22f2a446f69fd64 (patch) | |
| tree | 50253076eaff5d1ccf2e920ed45b03c263763585 | |
| parent | 75cb763b54a89bf9b9c61740c760abce89df06f3 (diff) | |
doc: explain experienced --hitcount limit
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
| -rw-r--r-- | extensions/libxt_recent.man | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/extensions/libxt_recent.man b/extensions/libxt_recent.man index 9d5a64ee..aa138df3 100644 --- a/extensions/libxt_recent.man +++ b/extensions/libxt_recent.man @@ -44,7 +44,9 @@ This option must be used in conjunction with one of \fB\-\-rcheck\fP or address is in the list and packets had been received greater than or equal to the given value. This option may be used along with \fB\-\-seconds\fP to create an even narrower match requiring a certain number of hits within a specific -time frame. +time frame. The maximum value for the hitcount parameter is given by the +"ip_pkt_list_tot" parameter of the xt_recent kernel module. Exceeding this +value on the command line will cause the rule to be rejected. .TP \fB\-\-rttl\fP This option may only be used in conjunction with one of \fB\-\-rcheck\fP or |