From 6d05202ab5ce4275855df609a6861d9f05871ac0 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 11 Sep 2014 15:54:53 +0200
Subject: [PATCH] rules.pl: Use hashlimit module for rate limiting

---
 config/firewall/rules.pl | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 5e602b9bbe..7a62bb4321 100755
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -290,8 +290,11 @@ sub buildrules {
 			my $rate_limit = "$$hash{$key}[35]/$$hash{$key}[36]";
 
 			if ($rate_limit) {
-				push(@ratelimit_options, ("-m", "limit"));
-				push(@ratelimit_options, ("--limit", $rate_limit));
+				push(@ratelimit_options, ("-m", "hashlimit"));
+				push(@ratelimit_options, ("--hashlimit-name", "rule-$key"));
+				push(@ratelimit_options, ("--hashlimit-mode", "srcip"));
+
+				push(@ratelimit_options, ("--hashlimit-upto", $rate_limit));
 			}
 		}
 
-- 
2.39.5