From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 11 Sep 2014 13:54:53 +0000 (+0200)
Subject: rules.pl: Use hashlimit module for rate limiting
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6d05202ab5ce4275855df609a6861d9f05871ac0;p=people%2Fms%2Fipfire-2.x.git

rules.pl: Use hashlimit module for rate limiting
---

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 5e602b9bbe..7a62bb4321 100755
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -290,8 +290,11 @@ sub buildrules {
 			my $rate_limit = "$$hash{$key}[35]/$$hash{$key}[36]";
 
 			if ($rate_limit) {
-				push(@ratelimit_options, ("-m", "limit"));
-				push(@ratelimit_options, ("--limit", $rate_limit));
+				push(@ratelimit_options, ("-m", "hashlimit"));
+				push(@ratelimit_options, ("--hashlimit-name", "rule-$key"));
+				push(@ratelimit_options, ("--hashlimit-mode", "srcip"));
+
+				push(@ratelimit_options, ("--hashlimit-upto", $rate_limit));
 			}
 		}