diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2011-06-22 11:18:19 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2011-06-22 12:00:07 +0200 |
commit | 68146dad91611bd8d6d12c8ba27219130d99607b (patch) | |
tree | a3c5a35d20a8bb91093619360d2349c6f722b7dd /tests | |
parent | 70cb0a6d3e09f64f9a05870d694ac0160319de9a (diff) |
libxt_hashlimit: use a more obvious expiry value by default
Due to the previous default expiry of 10 sec, "--hashlimit 1/min"
would allow matching up to 6/min if a properly timed. To do what the
user expects, the minimum expiry must equal the selected time quantum
however.
Cc: Jan Rovner <jan.rovner@diadema.cz>
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/options-most.rules | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/tests/options-most.rules b/tests/options-most.rules index 2b419e57..7298a1f9 100644 --- a/tests/options-most.rules +++ b/tests/options-most.rules @@ -87,6 +87,11 @@ -A matches -A matches -p esp -m esp --espspi 5:4294967295 -A matches +-A matches -m hashlimit --hashlimit-upto 1/sec --hashlimit-burst 1 --hashlimit-name mini1 +-A matches -m hashlimit --hashlimit-upto 1/min --hashlimit-burst 1 --hashlimit-name mini2 +-A matches -m hashlimit --hashlimit-upto 1/hour --hashlimit-burst 1 --hashlimit-name mini3 +-A matches -m hashlimit --hashlimit-upto 1/day --hashlimit-burst 1 --hashlimit-name mini4 +-A matches -A matches -m ipvs --vaddr fe80::/64 --vport 1 --vdir REPLY --vmethod GATE --vportctl 21 -A matches -A matches -m length --length 1 |