Hi all, for some reasons I would like to reject with a icmp source-quench. I have tried this: iptables -t filter -A LIMIT -m limit --limit 1/sec -j REJECT --reject-with \ icmp-source-quench The problem is that it does not know nothing about icmp-source-quench... what is the right reject? Praise
Hello, Praise wrote:
Hi all,
for some reasons I would like to reject with a icmp source-quench. I have tried this: iptables -t filter -A LIMIT -m limit --limit 1/sec -j REJECT --reject-with \ icmp-source-quench
The problem is that it does not know nothing about icmp-source-quench... what is the right reject?
try this: iptables -t filter -p icmp --icmp-type source-quench -j REJECT With -p icmp --icmp-type .... you can determine, which types you want to reject or allow. Bye, Ralf
Praise
for some reasons I would like to reject with a icmp source-quench. I have tried this: iptables -t filter -A LIMIT -m limit --limit 1/sec -j REJECT --reject-with \ icmp-source-quench
The problem is that it does not know nothing about icmp-source-quench... what is the right reject?
try this:
iptables -t filter -p icmp --icmp-type source-quench -j REJECT
With -p icmp --icmp-type .... you can determine, which types you want to reject or allow.
Hi, I knew this:-) I did not want to limit icmp source quench, I want to send them in response of some packets. The reason is obvious: I am trying to limit bandwidth to some pc in the internal network. AFAIK, the cbq script is not useful for me, because I want to limit bandwidth on user basis and on internal lan network basis. I am not sure if this turnaround with iptables could work very well, I am trying to check (even if I dont see why it should not work). Thank you for your reply, though. Praise
participants (2)
-
Praise -
Ralf Ronneburger