diff options
| -rw-r--r-- | ebtables.8 | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -556,6 +556,22 @@ The destination port or port range for ip protocols 6 (TCP) and 17 (UDP). The flag .B --ip-dport is an alias for this option. +.SS limit +Matches at a limited rate using a token bucket filter. A rule using +this extension will match until this limit is reached (unless the '!' +flag is used). It can be used in combination with the log watcher to +give limited logging, for example. The usage/implementation is completely +similar to that of the iptables limit match. +.TP +.BR --limit " \fIrate" +Maximum average matching rate: specified as a number, with an optional +'/second', '/minute', '/hour', or '/day' suffix; the default is 3/hour. +.TP +.BR --limit-burst " \fInumber" +Maximum initial number of packets to match: this number gets recharged by +one every time the limit specified above is not reached, up to this number; +the default is 5. + .SS mark_m .TP .BR "--mark " "[!] [\fIvalue\fP][/\fImask\fP]" |