Commit cdd8944b authored by Kaarle Ritvanen's avatar Kaarle Ritvanen

test: update-limit

parent 46794855
...@@ -33,4 +33,12 @@ add('conn') ...@@ -33,4 +33,12 @@ add('conn')
add('flow') add('flow')
add('flow', {['in']='A', out='_fw', ['no-track']=true}) add('flow', {['in']='A', out='_fw', ['no-track']=true})
for _, measure in ipairs{'conn', 'flow'} do
for _, addr in ipairs{'src', 'dest'} do
table.insert(
res, {['update-limit']={name='foo', measure=measure, addr=addr}}
)
end
end
print(json.encode{filter=res}) print(json.encode{filter=res})
This diff is collapsed.
...@@ -132,6 +132,8 @@ ...@@ -132,6 +132,8 @@
:logreject-0 - [0:0] :logreject-0 - [0:0]
:logtarpit-0 - [0:0] :logtarpit-0 - [0:0]
:tarpit - [0:0] :tarpit - [0:0]
-A FORWARD -m recent --name user:foo --rdest --mask 255.255.255.255 --set
-A FORWARD -m recent --name user:foo --rsource --mask 255.255.255.255 --set
-A FORWARD -j limit-59 -A FORWARD -j limit-59
-A FORWARD -j limit-58 -A FORWARD -j limit-58
-A FORWARD -j limit-57 -A FORWARD -j limit-57
...@@ -217,6 +219,8 @@ ...@@ -217,6 +219,8 @@
-A FORWARD -j ACCEPT -A FORWARD -j ACCEPT
-A FORWARD -j logaccept-final-5 -A FORWARD -j logaccept-final-5
-A FORWARD -j ACCEPT -A FORWARD -j ACCEPT
-A FORWARD -m recent --name user:foo --rsource --mask 255.255.255.255 --set
-A FORWARD -m recent --name user:foo --rdest --mask 255.255.255.255 --set
-A FORWARD -j ACCEPT -A FORWARD -j ACCEPT
-A FORWARD -j logdrop-19 -A FORWARD -j logdrop-19
-A FORWARD -A FORWARD
...@@ -285,6 +289,8 @@ ...@@ -285,6 +289,8 @@
-A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT -A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT
-A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT -A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT
-A FORWARD -p icmp -j icmp-routing -A FORWARD -p icmp -j icmp-routing
-A INPUT -m recent --name user:foo --rdest --mask 255.255.255.255 --set
-A INPUT -m recent --name user:foo --rsource --mask 255.255.255.255 --set
-A INPUT -j limit-59 -A INPUT -j limit-59
-A INPUT -j limit-58 -A INPUT -j limit-58
-A INPUT -j limit-57 -A INPUT -j limit-57
...@@ -401,6 +407,8 @@ ...@@ -401,6 +407,8 @@
-A INPUT -i eth0 -j limit-87 -A INPUT -i eth0 -j limit-87
-A INPUT -i eth0 -j limit-88 -A INPUT -i eth0 -j limit-88
-A INPUT -i eth0 -j limit-89 -A INPUT -i eth0 -j limit-89
-A INPUT -m recent --name user:foo --rsource --mask 255.255.255.255 --set
-A INPUT -m recent --name user:foo --rdest --mask 255.255.255.255 --set
-A INPUT -j ACCEPT -A INPUT -j ACCEPT
-A INPUT -j logdrop-19 -A INPUT -j logdrop-19
-A INPUT -A INPUT
...@@ -425,6 +433,8 @@ ...@@ -425,6 +433,8 @@
-A INPUT -i eth0 -j ACCEPT -A INPUT -i eth0 -j ACCEPT
-A INPUT -j ACCEPT -A INPUT -j ACCEPT
-A INPUT -p icmp -j icmp-routing -A INPUT -p icmp -j icmp-routing
-A OUTPUT -m recent --name user:foo --rdest --mask 255.255.255.255 --set
-A OUTPUT -m recent --name user:foo --rsource --mask 255.255.255.255 --set
-A OUTPUT -j limit-59 -A OUTPUT -j limit-59
-A OUTPUT -j limit-58 -A OUTPUT -j limit-58
-A OUTPUT -j limit-57 -A OUTPUT -j limit-57
...@@ -529,6 +539,8 @@ ...@@ -529,6 +539,8 @@
-A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -m recent --name user:foo --rsource --mask 255.255.255.255 --set
-A OUTPUT -m recent --name user:foo --rdest --mask 255.255.255.255 --set
-A OUTPUT -j ACCEPT -A OUTPUT -j ACCEPT
-A OUTPUT -j logdrop-19 -A OUTPUT -j logdrop-19
-A OUTPUT -A OUTPUT
......
...@@ -132,6 +132,8 @@ ...@@ -132,6 +132,8 @@
:logreject-0 - [0:0] :logreject-0 - [0:0]
:logtarpit-0 - [0:0] :logtarpit-0 - [0:0]
:tarpit - [0:0] :tarpit - [0:0]
-A FORWARD -m recent --name user:foo --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A FORWARD -m recent --name user:foo --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A FORWARD -j limit-59 -A FORWARD -j limit-59
-A FORWARD -j limit-58 -A FORWARD -j limit-58
-A FORWARD -j limit-57 -A FORWARD -j limit-57
...@@ -217,6 +219,8 @@ ...@@ -217,6 +219,8 @@
-A FORWARD -j ACCEPT -A FORWARD -j ACCEPT
-A FORWARD -j logaccept-final-5 -A FORWARD -j logaccept-final-5
-A FORWARD -j ACCEPT -A FORWARD -j ACCEPT
-A FORWARD -m recent --name user:foo --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A FORWARD -m recent --name user:foo --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A FORWARD -j ACCEPT -A FORWARD -j ACCEPT
-A FORWARD -j logdrop-19 -A FORWARD -j logdrop-19
-A FORWARD -A FORWARD
...@@ -255,6 +259,8 @@ ...@@ -255,6 +259,8 @@
-A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT -A FORWARD -m policy --dir in --pol ipsec -o eth5 -j ACCEPT
-A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT -A FORWARD -m policy --dir in --pol ipsec -m policy --dir out --pol ipsec -j ACCEPT
-A FORWARD -p icmpv6 -j icmp-routing -A FORWARD -p icmpv6 -j icmp-routing
-A INPUT -m recent --name user:foo --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A INPUT -m recent --name user:foo --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A INPUT -j limit-59 -A INPUT -j limit-59
-A INPUT -j limit-58 -A INPUT -j limit-58
-A INPUT -j limit-57 -A INPUT -j limit-57
...@@ -371,6 +377,8 @@ ...@@ -371,6 +377,8 @@
-A INPUT -i eth0 -j limit-87 -A INPUT -i eth0 -j limit-87
-A INPUT -i eth0 -j limit-88 -A INPUT -i eth0 -j limit-88
-A INPUT -i eth0 -j limit-89 -A INPUT -i eth0 -j limit-89
-A INPUT -m recent --name user:foo --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A INPUT -m recent --name user:foo --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A INPUT -j ACCEPT -A INPUT -j ACCEPT
-A INPUT -j logdrop-19 -A INPUT -j logdrop-19
-A INPUT -A INPUT
...@@ -389,6 +397,8 @@ ...@@ -389,6 +397,8 @@
-A INPUT -i eth0 -j ACCEPT -A INPUT -i eth0 -j ACCEPT
-A INPUT -j ACCEPT -A INPUT -j ACCEPT
-A INPUT -p icmpv6 -j ACCEPT -A INPUT -p icmpv6 -j ACCEPT
-A OUTPUT -m recent --name user:foo --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A OUTPUT -m recent --name user:foo --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A OUTPUT -j limit-59 -A OUTPUT -j limit-59
-A OUTPUT -j limit-58 -A OUTPUT -j limit-58
-A OUTPUT -j limit-57 -A OUTPUT -j limit-57
...@@ -493,6 +503,8 @@ ...@@ -493,6 +503,8 @@
-A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT -A OUTPUT -o eth0 -j ACCEPT
-A OUTPUT -m recent --name user:foo --rsource --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A OUTPUT -m recent --name user:foo --rdest --mask ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff --set
-A OUTPUT -j ACCEPT -A OUTPUT -j ACCEPT
-A OUTPUT -j logdrop-19 -A OUTPUT -j logdrop-19
-A OUTPUT -A OUTPUT
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment