Merge commit 'origin/trunk@12184' into fedora

[iptables.git] / trunk / extensions / libxt_limit.man

diff --git a/trunk/extensions/libxt_limit.man b/trunk/extensions/libxt_limit.man
new file mode 100644 (file)
index 0000000..0419c50
--- /dev/null
+++ b/trunk/extensions/libxt_limit.man
@@ -0,0 +1,15 @@
+This module matches at a limited rate using a token bucket filter.
+A rule using this extension will match until this limit is reached
+(unless the `!' flag is used).  It can be used in combination with the
+.B LOG
+target to give limited logging, for example.
+.TP
+[\fB!\fP] \fB--limit\fP \fIrate\fP[\fB/second\fP|\fB/minute\fP|\fB/hour\fP|\fB/day\fP]
+Maximum average matching rate: specified as a number, with an optional
+`/second', `/minute', `/hour', or `/day' suffix; the default is
+3/hour.
+.TP
+.BI "--limit-burst " "number"
+Maximum initial number of packets to match: this number gets
+recharged by one every time the limit specified above is not reached,
+up to this number; the default is 5.