Group: comp.os.linux.networking
From: Andrew Gideon
Date: Tuesday, April 08, 2008 12:20 PM
Subject: Re: How to PREVENT a user from logging in through SSH

On Tue, 08 Apr 2008 18:10:54 +0200, David Brown wrote:

> You can think of a rule with "-m limit --limit 3/minute --limit-burst 5"
> as having a bucket with space for 5 tokens. A packet will only match
> the rule if it can get a token from the bucket, and the bucket refills
> at the rate of 3 per minute (1 per 20 seconds).

I've never been clear on the exact meaning of "limit-burst", but I think
your explanation might have finally crossed my confusion threshold.

*If* I understand correctly, the idea is that 3/minute is the steady
state limit. But if the system is sufficiently quiet (i.e. no requests
for the past 40 seconds), up to 5 connections can be permitted within a
single "instant"? Is that right?

Thanks...
Andrew
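The token-bucket model that David Brown describes above, as an added simulation that is not part of the original thread: it replays a list of packet timestamps against `--limit 3/minute --limit-burst 5` and reports which packets would match the rule. The real `xt_limit` kernel module keeps integer credits in jiffies rather than floating-point tokens, so this is an idealised model of the explanation, not the kernel's code; the class and function names are my own.

```python
"""Idealised model of the iptables '-m limit' token bucket."""
from dataclasses import dataclass, field


@dataclass
class LimitMatch:
    """One '-m limit' match: a bucket of `burst` tokens refilled at `rate_per_min`."""
    rate_per_min: float = 3.0      # --limit 3/minute
    burst: int = 5                 # --limit-burst 5
    tokens: float = field(init=False)
    last: float = field(init=False, default=0.0)

    def __post_init__(self) -> None:
        # The bucket starts full, so the first `burst` packets match at once.
        self.tokens = float(self.burst)

    def match(self, now: float) -> bool:
        """Return True if a packet seen at time `now` (seconds) matches the rule."""
        # Refill for the quiet interval since the last packet, capped at `burst`.
        elapsed = now - self.last
        self.tokens = min(float(self.burst),
                          self.tokens + elapsed * self.rate_per_min / 60.0)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        # No token: the packet does not match this rule and falls through
        # to the next rule in the chain (typically a DROP for SSH brute force).
        return False


def replay(timestamps, rate_per_min: float = 3.0, burst: int = 5):
    """Replay constructed packet times (seconds) and return a match flag per packet."""
    rule = LimitMatch(rate_per_min, burst)
    return [rule.match(t) for t in timestamps]


if __name__ == "__main__":
    # Constructed scenario: 8 attempts at once, then 3 more after 40 quiet seconds.
    times = [0.0] * 8 + [40.0] * 3
    for t, ok in zip(times, replay(times)):
        print(f"t={t:5.1f}s  {'MATCH' if ok else 'no token'}")
```

Run stand-alone it shows that 40 quiet seconds refill only two tokens (one per 20 seconds), so the bucket is full again only after 100 seconds of silence.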
