> When I set a limit to REJECT like this:
> -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -m limit --limit 1/min -j REJECT --reject-with tcp-reset
>
> I set limit to reject packets that I send or to packets I receive?

This rule will REJECT with TCP reset every incoming packet to the host that hits the 1/min limit (+burst) with both SYN and RST flags SET.
The rest depends on your policy. I do not think that this is what you want.

Regards,
Maciej Soltysiak
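
The behaviour described in the reply, as an added example that is not part of the original message: a simplified token-bucket model of `-m limit --limit 1/min` showing which SYN+RST packets the rule REJECTs and which fall through to the chain policy. It assumes the default `--limit-burst` of 5; the class and function names and the arrival times are constructed for illustration.

```python
class LimitMatch:
    """Simplified model of the iptables `limit` match (a token bucket).

    The bucket starts full at `burst` tokens and refills at `rate_per_sec`.
    The match succeeds, and costs one token, while a whole token is left.
    """

    def __init__(self, rate_per_sec, burst=5):  # 5 = default --limit-burst
        self.rate_per_sec = rate_per_sec
        self.burst = burst
        self.tokens = float(burst)
        self.last = 0.0

    def matches(self, now):
        # Refill for the elapsed time, never above the burst size.
        elapsed = now - self.last
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate_per_sec)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def verdicts(arrival_times, policy="ACCEPT"):
    """Verdict for each inbound packet that has both SYN and RST set.

    While the limit match succeeds, the rule's target (REJECT with
    tcp-reset) applies. Once the bucket is empty the rule no longer
    matches, so the packet continues down the chain; with no later rule
    it receives the chain policy.
    """
    limit = LimitMatch(rate_per_sec=1 / 60)  # --limit 1/min
    return ["REJECT" if limit.matches(t) else policy for t in arrival_times]


if __name__ == "__main__":
    # Constructed sample: one SYN+RST packet per second for 10 s, then one at 70 s.
    times = list(range(10)) + [70]
    for t, v in zip(times, verdicts(times, policy="ACCEPT")):
        print(f"t={t:>3}s  {v}")
```

With an ACCEPT policy and no later rule, every packet beyond the burst is let through rather than reset, which is the effect the reply points to with "the rest depends on your policy".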
