selects: CONFIG_NETFILTER_CONNCOUNT
depends: CONFIG_INET, CONFIG_NET, CONFIG_NETFILTER, CONFIG_NETFILTER_ADVANCED, CONFIG_NF_CONNTRACK, CONFIG_NF_TABLES
Netfilter nf_tables connlimit module
modulename: nft_connlimit.ko
configname: CONFIG_NFT_CONNLIMIT
Linux Kernel Configuration
└─> Networking support
    └─> Networking options
        └─> Network packet filtering framework (Netfilter)
            └─> Core Netfilter Configuration
                └─> Netfilter nf_tables connlimit module
In Linux kernel since version 4.2 (release date: 2015-08-30)
This option adds the "connlimit" expression that you can use to
ratelimit rule matchings per connections.
source code:
net/netfilter/nft_connlimit.c