I have a burst/limit defined for a DNAT rule in a macro.SVCS file:

    DNAT net $INT_PBX udp 5060 - - s:SIP:3/min

which I then call from my rules file with:

    SVCS net -

But when I see what shorewall did with that in terms of iptables rules I see this in the filter table:

    0 0 ACCEPT udp -- * * 0.0.0.0/0 10.75.22.8 udp dpt:5060 /* SVCS */

and this in the nat table:

    0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 limit: up to 3/min burst 5 mode srcip /* SVCS */ to:10.75.22.8

As you can see the burst/limit only applied to the nat table rule and not the filter table rule.

Is this expected?

Cheers,
b.
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users