diff options
author | Jonas Berlin <xkr47@outerspace.dyndns.org> | 2005-04-01 06:54:23 +0000 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2005-04-01 06:54:23 +0000 |
commit | f33c46140f0e0a230aba5d739ce40cb14e066b13 (patch) | |
tree | e0d8b16f1fe5c33ce1bc2a0e2ab9a68f2e54f96c /extensions/libipt_hashlimit.man | |
parent | 4a06cf0bd2f5e18eb0149945724b0b4299eec5ea (diff) |
add lots of man pages (Jonas Berlin)
Diffstat (limited to 'extensions/libipt_hashlimit.man')
-rw-r--r-- | extensions/libipt_hashlimit.man | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/extensions/libipt_hashlimit.man b/extensions/libipt_hashlimit.man new file mode 100644 index 00000000..1b0a5d44 --- /dev/null +++ b/extensions/libipt_hashlimit.man @@ -0,0 +1,35 @@ +This patch adds a new match called 'hashlimit'. +The idea is to have something like 'limit', but either per +destination-ip or per (destip,destport) tuple. + +It gives you the ability to express +.IP + '1000 packets per second for every host in 192.168.0.0/16' +.IP + '100 packets per second for every service of 192.168.1.1' +.P +with a single iptables rule. +.TP +.BI "--hashlimit " "rate" +A rate just like the limit match +.TP +.BI "--hashlimit-burst " "num" +Burst value, just like limit match +.TP +.BI "--hashlimit-mode " "destip | destip-destport" +Limit per IP or per port +.TP +.BI "--hashlimit-name " "foo" +The name for the /proc/net/ipt_hashlimit/foo entry +.TP +.BI "--hashlimit-htable-size " "num" +The number of buckets of the hash table +.TP +.BI "--hashlimit-htable-max " "num" +Maximum entries in the hash +.TP +.BI "--hashlimit-htable-expire " "num" +After how many miliseconds do hash entries expire +.TP +.BI "--hashlimit-htable-gcinterval " "num" +How many miliseconds between garbage collection intervals |