  1. RHEL Documentation
  2. RHELDOCS-18705

syntax and parameter error


    • Low
    • sst_networking_core
    • 1
    • False
    • None
    • CCS 2024-16, CCS 2024-17
    • None
    • Not Required
    • Done
    • Not Required

      Document link: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_firewalls_and_packet_filters/getting-started-with-nftables_firewall-packet-filters#limiting-the-number-of-connections-using-nftables_assembly_using-nftables-to-limit-the-amount-of-connections

       

      Section number and name:

      2.9.1. Limiting the number of connections using nftables

       

      Describe the issue:

      • error 1:

      Redundant code
      nft add set inet example_table example_meter { type ipv4_addr\; flags dynamic \;} 

      • error 2:

      nft add rule ip example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject

      • error 3:

      nft list set inet example_table example_meter

       

      Suggestions for improvement:

      • modify 1

      remove redundant code

      • modify 2

      nft add rule inet example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject

      • modify 3

      nft list meter inet example_table example_meter

       

      Additional information:

      I'm not sure if this is using meter or add @myset, but either way, it's wrong.

            mmuehlfe@redhat.com Marc Muehlfeld
            logwc wc log (Inactive)
            Phil Sutter
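
The two mistakes reported above (a rule added under the ip family for a table created as inet, and "list set" used on an object that the rule creates as a meter) can be caught by linting the command list before it is run on a host. The script below is an added example, not part of the report or of the RHEL documentation; the table and chain creation lines and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the documentation or the report): lint nft commands
# for the two mistakes reported here, without touching the live ruleset.

# Constructed input: the commands quoted as error 2 and error 3, preceded by
# assumed table/chain creation commands that the report does not quote.
reported_cmds() {
cat <<'EOF'
nft add table inet example_table
nft add chain inet example_table example_chain { type filter hook input priority 0 \; }
nft add rule ip example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject
nft list set inet example_table example_meter
EOF
}

# Same sequence with the report's "modify 2" and "modify 3" applied.
suggested_cmds() {
cat <<'EOF'
nft add table inet example_table
nft add chain inet example_table example_chain { type filter hook input priority 0 \; }
nft add rule inet example_table example_chain tcp dport ssh meter example_meter { ip saddr ct count over 2 } counter reject
nft list meter inet example_table example_meter
EOF
}

# Reads nft commands on stdin, prints one finding per problem line.
check_nft_cmds() {
  awk '
    $1 != "nft" { next }
    {   # fields: nft <verb> <object> [family] <table> [name]
      i = 4; f = "ip"            # nft assumes family "ip" when none is given
      if ($i ~ /^(ip|ip6|inet|arp|bridge|netdev)$/) { f = $i; i++ }
      t = $i; n = $(i + 1)
    }
    $3 == "table" && ($2 == "add" || $2 == "create") {
      seen[f, t] = 1; fams[t] = fams[t] " " f; next
    }
    !((f, t) in seen) && (t in fams) {
      printf "line %d: family mismatch: table %s exists in family%s, command uses %s\n", NR, t, fams[t], f
    }
    $2 == "add" && $3 == "set" { is_set[t, n] = 1 }
    $2 == "add" && $3 == "rule" {   # keyed by table name so a family typo does not hide it
      for (i = 1; i < NF; i++) if ($i == "meter") is_meter[t, $(i + 1)] = 1
    }
    $2 == "list" && $3 == "set" && !((t, n) in is_set) && ((t, n) in is_meter) {
      printf "line %d: %s is a meter, not a named set: use nft list meter\n", NR, n
    }
  '
}

reported_cmds | check_nft_cmds
```

Run against the reported commands it prints one finding for the rule line and one for the list line; the sequence with the suggested modifications produces no output.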