From: Jan Engelhardt <jengelh@medozas.de>
Date: Tue, 17 Nov 2009 22:54:29 +0000 (+0100)
Subject: doc: explain experienced --hitcount limit
X-Git-Tag: v1.4.6~1^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7573631fa9f6f15b28a13cc5d22f2a446f69fd64;p=thirdparty%2Fiptables.git

doc: explain experienced --hitcount limit

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---

diff --git a/extensions/libxt_recent.man b/extensions/libxt_recent.man
index 9d5a64ee..aa138df3 100644
--- a/extensions/libxt_recent.man
+++ b/extensions/libxt_recent.man
@@ -44,7 +44,9 @@ This option must be used in conjunction with one of \fB\-\-rcheck\fP or
 address is in the list and packets had been received greater than or equal to
 the given value. This option may be used along with \fB\-\-seconds\fP to create
 an even narrower match requiring a certain number of hits within a specific
-time frame.
+time frame. The maximum value for the hitcount parameter is given by the
+"ip_pkt_list_tot" parameter of the xt_recent kernel module. Exceeding this
+value on the command line will cause the rule to be rejected.
 .TP
 \fB\-\-rttl\fP
 This option may only be used in conjunction with one of \fB\-\-rcheck\fP or