Does ebtables support "--limit" match like iptables?

Post by Nick » Thu, 31 Jul 2003 11:29:51

Does ebtables support "--limit" match like iptables?
That is, I could limit how many times a certain rule may be matched in
a certain time frame.
I think this match can reduce some DoS attacks between local
hosts (wired/wireless), for example: to allow a ping request to appear
one time within a second. I am using ebtables instead of iptables because
iptables can only see bridged packets with br-nf code; this can make
bridged packets traverse iptables chains in link layer, but this
may downgrade my AP's performance for bridging.
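
The rate limiting the post asks about, modelled as an added example that is not part of the original post: a token-bucket model of how an iptables-style `--limit` match with a burst setting decides which packets match, run over a constructed ping flood. `LimitMatch`, `filter_flood` and `FLOOD_MS` are hypothetical names; the burst option (`--limit-burst`, default 5) comes from iptables, not from this page.

```python
"""Token-bucket model of an iptables-style "--limit" match (added illustration).

Credit is tracked in integer milliseconds, similar in spirit to the kernel's
credit counter: each matching packet costs 1000/rate ms of credit, and credit
refills with elapsed time up to cost * burst.
"""


class LimitMatch:
    def __init__(self, rate_per_sec, burst):
        self.cost = 1000 // rate_per_sec      # credit consumed per matching packet
        self.cap = self.cost * burst          # bucket size
        self.credit = self.cap                # bucket starts full
        self.last_ms = None

    def matches(self, now_ms):
        """Return True if a packet arriving at now_ms still matches the rule."""
        if self.last_ms is not None:
            self.credit = min(self.cap, self.credit + (now_ms - self.last_ms))
        self.last_ms = now_ms
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True
        return False                          # over the limit: rule does not match


def filter_flood(rate_per_sec, burst, arrivals_ms):
    """Return the arrival times (ms) of packets that match the limit rule."""
    match = LimitMatch(rate_per_sec, burst)
    return [t for t in arrivals_ms if match.matches(t)]


# Constructed sample input: 10 echo requests per second for 5 seconds.
FLOOD_MS = list(range(0, 5000, 100))

if __name__ == "__main__":
    for burst in (5, 1):
        passed = filter_flood(1, burst, FLOOD_MS)
        print(f"limit 1/sec, burst {burst}: {len(passed)} of {len(FLOOD_MS)} "
              f"packets match at {passed}")
```

With the default burst of 5 the first five requests all match before the 1/sec rate takes hold; a burst of 1 is what gives "one ping within a second".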

1. "iptables mark with filter fw" vs "u32 match"


Has anyone done tests to compare the performance of iptables marking with the u32
filter ... ??

u32 filter with 4000 rules on a physical interface does 99% CPU (2,66GHz Xeon)

4000 iptables rules with mark for fw filter do 89% CPU (2.66GHz Xeon)

But if I optimize iptables and make separate chains then CPU is 20% ....

Does anyone have other results or tests ??
