blob: c981acf0a77ceac8e15a11aeec3be79e3eaa7777 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
table ip x {
set s {
type ipv4_addr
size 65535
flags dynamic
}
chain filter_in_tcp {
}
chain filter_in_udp {
}
chain y {
update @s { ip saddr limit rate 12/minute burst 30 packets } accept
tcp dport vmap { 80 : accept, 81 : accept, 443 : accept, 8000-8100 : accept, 24000-25000 : accept }
meta l4proto vmap { tcp : goto filter_in_tcp, udp : goto filter_in_udp }
log
}
}
|