mirror of
https://github.com/breeze303/nss-packages.git
synced 2025-12-17 01:06:36 +00:00
15 lines
686 B
Bash
15 lines
686 B
Bash
#!/bin/sh
|
|
|
|
if grep -q "fw3" /etc/init.d/firewall; then
|
|
iptables -nvL | grep -q "Chain RATE-LIMIT" && iptables -F RATE-LIMIT
|
|
iptables -nvL | grep -q "Chain RATE-LIMIT" || iptables -N RATE-LIMIT
|
|
iptables -A RATE-LIMIT --match limit --limit 1000/sec --limit-burst 1000 -j RETURN
|
|
iptables -A RATE-LIMIT -j DROP
|
|
iptables -I zone_wan_forward 5 --match conntrack --ctstate NEW -j RATE-LIMIT
|
|
elif grep -q "fw4" /etc/init.d/firewall; then
|
|
nft add chain inet fw4 RATE-LIMIT
|
|
nft add rule inet fw4 RATE-LIMIT limit rate 1000/second burst 1000 packets counter return
|
|
nft add rule inet fw4 RATE-LIMIT counter drop
|
|
nft insert rule inet fw4 forward_wan ct state new counter jump RATE-LIMIT
|
|
fi
|