| Limit matches |
| Prev | Filtering and Manipulation of Packets | Next |
This module matches at a limited rate using a token bucket filter. A rule using this extension will match until this limit is reached (unless the `!' flag is used). It can be used in combination with the LOG target to give limited logging, for example.
iptables -A INPUT --match limit --limit 10/second --limit-burst 5 -j ACCEPT
iptables -A INPUT --match limit --limit 2/hour --limit-burst 10 -j LOG
| Prev | Home | Next |
| Source MAC | Up | Statefull Packet Filtering |