From 749d5471ce9f140e360e7acd2a89166a2f88fba7 Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 28 Dec 2004 18:15:49 +0000 Subject: [PATCH] Update rate limit example in rules file git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1866 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall2/changelog.txt | 2 ++ Shorewall2/releasenotes.txt | 2 ++ Shorewall2/rules | 6 +++--- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt index 26c4a5009..2a1b46dbf 100644 --- a/Shorewall2/changelog.txt +++ b/Shorewall2/changelog.txt @@ -194,3 +194,5 @@ Changes since 2.0.3 94) Avoid shell error during "shorewall stop/clear" 95) Change encryption to blowfish in 'ipsecvpn' script. + +96) Correct rate limiting rule example. diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index bc641c15e..cf837a5f3 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -199,6 +199,8 @@ Problems corrected since 2.2.0 RC2 local: lo:: bad variable name +2) The rate limiting example in /etc/shorewall/rules has been changed + to use the RATE LIMIT column. ----------------------------------------------------------------------- Issues when migrating from Shorewall 2.0 to Shorewall 2.2: diff --git a/Shorewall2/rules b/Shorewall2/rules index 3fb526992..0e0d4fa0f 100755 --- a/Shorewall2/rules +++ b/Shorewall2/rules @@ -301,9 +301,9 @@ # to local system 192.168.1.3 with a limit of 3 per second and # a maximum burst of 10 # -# #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL -# # PORT PORT(S) DEST -# DNAT<3/sec:10> net loc:192.168.1.3 tcp http +# #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE +# # PORT PORT(S) DEST LIMIT +# DNAT net loc:192.168.1.3 tcp http - - 3/sec:10 # # Example: Redirect all locally-originating www connection requests to # port 3128 on the firewall (Squid running on the firewall