1 files changed, 9 insertions, 0 deletions
diff --git a/files/files/etc/ruleset.nft b/files/files/etc/ruleset.nft
index 7767eb6..f1c8168 100644
--- a/files/files/etc/ruleset.nft
+++ b/files/files/etc/ruleset.nft
@@ -1,6 +1,15 @@
 define icmp_protos = { ipv6-icmp, icmp, igmp }
 table inet filter {
+  limit lim_reject {
+    rate over 1000/second burst 1000 packets
+  }
+  limit lim_icmp {
+    rate over 50 mbytes/second burst 50 mbytes
+  }
  counter icmp-ratelimit-fw {}
  counter icmp-fw {}

diff --git a/files/files/etc/ruleset.nft b/files/files/etc/ruleset.nft index 7767eb6..f1c8168 100644 --- a/files/files/etc/ruleset.nft +++ b/files/files/etc/ruleset.nft
@@ -1,6 +1,15 @@
1	define icmp_protos = { ipv6-icmp, icmp, igmp }	1	define icmp_protos = { ipv6-icmp, icmp, igmp }
2		2
3	table inet filter {	3	table inet filter {
		4	limit lim_reject {
		5	rate over 1000/second burst 1000 packets
		6	}
		7
		8	limit lim_icmp {
		9	rate over 50 mbytes/second burst 50 mbytes
		10	}
		11
		12
4	counter icmp-ratelimit-fw {}	13	counter icmp-ratelimit-fw {}
5		14
6	counter icmp-fw {}	15	counter icmp-fw {}