diff options
author | Bart De Schuymer <bdschuym@pandora.be> | 2003-09-27 19:55:15 +0000 |
---|---|---|
committer | Bart De Schuymer <bdschuym@pandora.be> | 2003-09-27 19:55:15 +0000 |
commit | b216826b4bed9965dcf7eadf03f503e5f7a2c3fd (patch) | |
tree | b1a13a6babb25f9c05832e6b2ab0a98402c89789 /userspace/ebtables2 | |
parent | f6b5ab23df11c7d73c5c34ba266d051588762dbd (diff) |
add limit description
Diffstat (limited to 'userspace/ebtables2')
-rw-r--r-- | userspace/ebtables2/ebtables.8 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/userspace/ebtables2/ebtables.8 b/userspace/ebtables2/ebtables.8 index e9ee66f..43dcf57 100644 --- a/userspace/ebtables2/ebtables.8 +++ b/userspace/ebtables2/ebtables.8 @@ -556,6 +556,22 @@ The destination port or port range for ip protocols 6 (TCP) and 17 (UDP). The flag .B --ip-dport is an alias for this option. +.SS limit +Matches at a limited rate using a token bucket filter. A rule using +this extension will match until this limit is reached (unless the '!' +flag is used). It can be used in combination with the log watcher to +give limited logging, for example. The usage/implementation is completely +similar to that of the iptables limit match. +.TP +.BR --limit " \fIrate" +Maximum average matching rate: specified as a number, with an optional +'/second', '/minute', '/hour', or '/day' suffix; the default is 3/hour. +.TP +.BR --limit-burst " \fInumber" +Maximum initial number of packets to match: this number gets recharged by +one every time the limit specified above is not reached, up to this number; +the default is 5. + .SS mark_m .TP .BR "--mark " "[!] [\fIvalue\fP][/\fImask\fP]" |