extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-23 08:03:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add rate-limiting example to rules manpages

Browse Source
This commit is contained in:
Tom Eastep 2011-02-03 13:26:41 -08:00
parent 475b811171
commit ac13be4ed4
3 changed files with 30 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
manpages/shorewall-rules.xml
View File

@ -1381,7 +1381,22 @@
<para>Add the tupple (source IP, dest port, dest IP) of an incoming
SSH connection to the ipset S:</para>
<programlisting> ADD(+S:dst,src,dst) net fw tcp 22</programlisting>
<programlisting> #ACTION SOURCE DEST PROTO DEST
# PORT(S)
ADD(+S:dst,src,dst) net fw tcp 22</programlisting>
</listitem>
</varlistentry>
<varlistentry>
<term>Example 11:</term>
<listitem>
<para>You wish to limit SSH connections from remote sysstems to
1/min with a burst of three (to allow for limited retry):</para>
<programlisting> #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
# PORT(S) PORT(S) DEST LIMIT
SSH(ACCEPT) net all - - - - s:1/min:3</programlisting>
</listitem>
</varlistentry>
</variablelist>

13
manpages6/shorewall6-rules.xml
View File

@ -1103,6 +1103,19 @@
$FW tcp 22</programlisting>
</listitem>
</varlistentry>
<varlistentry>
<term>Example 5:</term>
<listitem>
<para>You wish to limit SSH connections from remote sysstems to
1/min with a burst of three (to allow for limited retry):</para>
<programlisting> #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
# PORT(S) PORT(S) DEST LIMIT
SSH(ACCEPT) net all - - - - s:1/min:3</programlisting>
</listitem>
</varlistentry>
</variablelist>
</refsect1>