Bug
Resolution: Done
rhel-9.2.0
sst_networking_core
CCS 2024-16, CCS 2024-17
Section number and name:
2.9.1. Limiting the number of connections using nftables
Describe the issue:
- error 1:
Redundant code
nft add set inet example_table example_meter { type ipv4_addr\; flags dynamic \;}
- error 2:
nft add rule ip example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject
- error 3:
nft list set inet example_table example_meter
Suggestions for improvement:
- modify 1:
Remove redundant code
- modify 2:
nft add rule inet example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject
- modify 3:
nft list meter inet example_table example_meter
Additional information:
I'm not sure if this is using meter or add @myset, but either way, it's wrong.
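Added example (not part of the original report or of the documentation it refers to): a small lint that flags nft commands whose address family differs from the family the table was created with, the mismatch described in error 2. The `nft add table inet example_table` line in the sample is an assumed setup step, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Flag nft commands that address a table with a different family than the
# one it was created with. nft assumes the "ip" family when none is written.

# Reads nft command lines on stdin, prints one MISMATCH line per offending
# command, and returns 1 if any mismatch was found.
check_nft_families() {
  awk '
    function is_family(w) {
      return w ~ /^(ip|ip6|inet|arp|bridge|netdev)$/
    }
    $1 == "nft" && ($2 == "add" || $2 == "list") {
      obj = $3; i = 4
      fam = "ip"                       # default family when omitted
      if (is_family($i)) { fam = $i; i++ }
      table = $i
      # Remember the family each table was created with.
      if ($2 == "add" && obj == "table") { created[table] = fam; next }
      if ((table in created) && created[table] != fam) {
        printf "MISMATCH line %d: table %s is %s, command uses %s\n",
               NR, table, created[table], fam
        bad = 1
      }
    }
    END { exit bad + 0 }
  '
}

# Constructed sample: line 1 is an assumed table creation step; lines 2-4
# are the rule from "error 2" and the commands from "modify 2" and "modify 3".
sample_commands() {
  cat <<'EOF'
nft add table inet example_table
nft add rule ip example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject
nft add rule inet example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject
nft list meter inet example_table example_meter
EOF
}

sample_commands | check_nft_families || true
```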