can someone explain to me what doese limit-burst really mean? I don’t understand about it regards the limit-count/limit-time. My english isn’t that good.
what does limit-burst have affect to limit-count and limit-time? Can someone give me an example or explaination please? Thanks.
limit-count is a number how many times we can use a rule (for example accept a packet) during limit-time period
limit-burst adds a number to limit-count
limit-burst regenerates 1 point only if during limit-time we didn’t receive a packet matching the rule.. limit-count regenerates after every limit-time
so.. the rule:
0 protocol=icmp limit-count=1 limit-burst=2 limit-time=2s action=drop
will drop first 5 icmp packets and then every 2nd packet (if ping interval is 1s), if we’ll wait 4s limit-burst regenerates and again first 5 packets will be dropped