From b27f24d4686b1fe67a351c9ebfece798a6adb0c2 Mon Sep 17 00:00:00 2001
From: Gregor Kleen
Date: Wed, 8 Dec 2021 19:01:29 +0100
Subject: vidhar: nftables...
---
 hosts/vidhar/ruleset.nft | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/hosts/vidhar/ruleset.nft b/hosts/vidhar/ruleset.nft
index dc95b95b..8877f123 100644
--- a/hosts/vidhar/ruleset.nft
+++ b/hosts/vidhar/ruleset.nft
@@ -1,6 +1,6 @@ table inet filter {
 chain reject-rl {
- limit rate over 1024 / second burst 1024 packets counter drop
+ limit rate over 1000 / second burst 1000 packets counter drop
 }
@@ -19,8 +19,8 @@ table inet filter {
 log prefix "reject forward: " counter jump reject-rl
- meta l4proto tcp ct new counter reject with tcp reset
- ct new counter reject
+ meta l4proto tcp ct state new counter reject with tcp reset
+ ct state new counter reject
 }
 chain input {
@@ -47,8 +47,8 @@ table inet filter {
 log prefix "reject input: " counter jump reject-rl
- meta l4proto tcp ct new counter reject with tcp reset
- ct new counter reject
+ meta l4proto tcp ct state new counter reject with tcp reset
+ ct state new counter reject
 }
 chain output {
-- cgit v1.2.3
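Review bot: The two reject rules that close what appears to be the forward chain (second hunk) now match only `ct state new`, so a packet in any other conntrack state that gets this far receives neither a TCP reset nor an ICMP reject and falls through to whatever follows, presumably the chain policy, which is outside the hunk. The input chain in the third hunk has the same shape. If that is intended, a comment above the rules such as `# only new flows are rejected; invalid/untracked packets fall through to the chain policy` would record it, and it is worth confirming that the policy is `drop` or that an earlier rule handles `ct state invalid`. Separately, the `log prefix ... counter` context appears before `jump reject-rl` in both chains, so the 1000/second limit bounds the rejects sent but not the log volume; adding a `limit rate` to the log rule would cap that too.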