Try to limit the number of login attempt per time on a system from a single IP address.
The dst-limit rule only limits the number of simultaneous connections not to connection per time
/ip firewall filter
add action=return chain=ssh comment="Accept 1/min connections" dst-limit=1/1m,0,src-address/1m
When i open 2 connections at the same time the rules does not return for the second connection. But when i close the first connection and make a new connection within one minute the rules still marks the connection and returns.
I did expect the code to count the number of connection within one minute, but it looks like only to counts the connections at the same time.
Where do i go wrong ?.