exit_ip: add rate limit to v6 nd

values were provided by awlnx
This commit is contained in:
Markus 2021-06-14 16:46:00 +02:00
parent f8380524ec
commit 9e369291b6

View File

@ -6,4 +6,6 @@
:FORWARD ACCEPT [0:0] :FORWARD ACCEPT [0:0]
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
:OUTPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0]
-A OUTPUT -o br-{{ site_code }} -p icmpv6 --icmpv6-type 135 -m limit --limit 200/sec -j ACCEPT
-A OUTPUT -o br-{{ site_code }} -p icmpv6 --icmpv6-type 135 -j DROP
COMMIT COMMIT