[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    =?UTF-8?B?UmU6IEhvdyB0byB1c2UgbGltaXQgcmF0ZSBvbiBpcCBhZGRyZXNzIHRocm91Z2ggbmZ0IGNv?= =?UTF-8?B?bW1hb
From:       "Rosysong" <rosysong () rosinson ! com>
Date:       2018-04-27 8:11:53
Message-ID: a6ef0f8b-15f7-4481-9d39-6ebc5a8bf875.rosysong () rosinson ! com
[Download RAW message or body]

Yes,  the rules in filter table does work at all.


------------------------------------------------------------------
From:Pablo Neira Ayuso <pablo@netfilter.org>
Time:2018 Apr 27 (Fri) 16:09
To: Rosysong <rosysong@rosinson.com>
Cc:netfilter-devel <netfilter-devel@vger.kernel.org>; netfilter <netfilter@vger.kernel.org>
Subject:Re: How to use limit rate on ip address through nft command ?


On Fri, Apr 27, 2018 at 03:51:05PM +0800, Rosysong wrote:
[...]
> # create a table named filter
> nft add table filter
> 
> # add chain for input(download) and output(upload) hook
> nft add chain filter input { type filter hook input priority 0\;}
> nft add chain filter output { type filter hook output priority 0\;}
> 
> nft add rule filter input ip daddr 192.168.0.104 limit rate 512bytes/second accept
> nft add rule filter output ip saddr 192.168.0.104 limit rate 512bytes/second accept
> 
> Is there any problem with my nftables commands ? Any hits will be appreciated, thanks!!!

What do you mean with "fails"?

When adding the rule or you observe this doesn't work for you, ie. not
ratelimiting as you expect?

Thanks.--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]