more DoS prevention: add packet_limit option to apply a hard limit to downstream packets per session
This commit is contained in:
bodea
parent
ee333473db
commit
bb63cb9994
7 changed files with 79 additions and 17 deletions
|
|
@ -2,7 +2,7 @@
|
|||
.de Id
|
||||
.ds Dt \\$4 \\$5
|
||||
..
|
||||
.Id $Id: startup-config.5,v 1.3 2004/11/29 06:29:28 bodea Exp $
|
||||
.Id $Id: startup-config.5,v 1.4 2005/01/10 07:17:37 bodea Exp $
|
||||
.TH STARTUP-CONFIG 5 "\*(Dt" L2TPNS "File Formats and Conventions"
|
||||
.SH NAME
|
||||
startup\-config \- configuration file for l2tpns
|
||||
|
|
@ -160,6 +160,12 @@ process in memory.
|
|||
.B icmp_rate
|
||||
Maximum number of host unreachable ICMP packets to send per second.
|
||||
.TP
|
||||
.B packet_limit
|
||||
Maximum number of packets of downstream traffic to be handled each
|
||||
tenth of a second per session. If zero, no limit is applied (default:
|
||||
0). Intended as a DoS prevention mechanism and not a general
|
||||
throttling control (packets are dropped, not queued).
|
||||
.TP
|
||||
.B cluster_address
|
||||
Multicast cluster address (default: 239.192.13.13).
|
||||
.TP
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue