diff options
3 files changed, 11 insertions, 0 deletions
diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def new file mode 100644 index 0000000..2739faa --- /dev/null +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/burst/node.def @@ -0,0 +1,3 @@ +type: u32 +help: Set maximum number of packets to allow in excess of rate +syntax:expression: ($VAR(@) >0) ; "Burst should be a value greater then zero" diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def new file mode 100644 index 0000000..42081fe --- /dev/null +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/node.def @@ -0,0 +1 @@ +help: Set to match rule at a limited rate using a token bucket filter diff --git a/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def new file mode 100644 index 0000000..de22a6f --- /dev/null +++ b/templates/firewall/ipv6-modify/node.tag/rule/node.tag/limit/rate/node.def @@ -0,0 +1,7 @@ +type: txt +help: Set maximum average matching rate +syntax:expression: pattern $VAR(@) "^[[:digit:]]+/(second|minute|hour|day)$" ; \ +"Invalid value for rate. Rate should be specified as an integer followed by +a forward slash '/' and either of these time units - second, minute, hour or day +eg. 1/second implies rule to be matched at an average of once per second" + |