Hi
Can someone help me with this, I need a firewall rule that can add a source to address-list after it got pinged a x amount of time, say for example 3 pings put address on address-list.
Try this:
add chain=forward comment=“allow 10 ICMP-requests per second per source IP” dst-limit=10,2,src-address protocol=icmp
add action=add-src-to-address-list address-list=icmpflooders address-list-timeout=60m chain=forward protocol=icmp
thx
Ok, I tested the rule, I changed the rules from forward to input, and after pinging the device 10 times or 100times, it doesn’t add anything to address-list.. Am I missing something?
Make sure your hitting the time threshold. …
Ohh, I’m using a pc with ping command to continuously ping the host, its like 1 ping every second right.?
Yeah… I forget the command line arguments, but there is a command line argument to set the rate.
I may have made a mistake in my last post… I don’t remember if is 10 per second averaged over 2 seconds or 10 per 2 seconds… either way your not hitting the limit.
sweet, its working now, I changed the rate to 3min and burst to 1
thx guys