From 7fe1f214d75b28c7b668f95a7299dae545c41e27 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Fri, 14 Jan 2022 01:40:35 +0100
Subject: ...

---
 files/files/etc/ruleset.nft | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/files/files/etc/ruleset.nft b/files/files/etc/ruleset.nft
index 7767eb6..f1c8168 100644
--- a/files/files/etc/ruleset.nft
+++ b/files/files/etc/ruleset.nft
@@ -1,6 +1,15 @@
 define icmp_protos = { ipv6-icmp, icmp, igmp }
 
 table inet filter {
+  limit lim_reject {
+    rate over 1000/second burst 1000 packets
+  }
+
+  limit lim_icmp {
+    rate over 50 mbytes/second burst 50 mbytes
+  }
+
+
   counter icmp-ratelimit-fw {}
 
   counter icmp-fw {}
-- 
cgit v1.2.3