Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-1805

puppetlabs-firewall Add support for hashlimit extension to iptables

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: firewall, supported
    • Labels:
      None
    • Template:
    • Epic Link:
    • Team:
      Modules
    • Story Points:
      3

      Description

      Please add support for the hash limiting feature set.

      The full list of subcommands can be found at http://ipset.netfilter.org/iptables-extensions.man.html under the hashlimit section

      example rule we would like to emulate:
      -A INPUT -p udp -m udp --dport 53 -m hashlimit --hashlimit-above 151/sec --hashlimit-burst 500 --hashlimit-mode srcip --hashlimit-name DNS --hashlimit-srcmask 28 -j DROP

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              DDrimer Daniel Drimer
            • Votes:
              6 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support