X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/12f16f60c19b470a3a4e5ee145485095dc674dee..817af0291569f769947e8c14650bdf2f588addfb:/Docs/manual.html?ds=inline diff --git a/Docs/manual.html b/Docs/manual.html index 13748a9..8dd2532 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -307,6 +307,13 @@ Keep all pages mapped by the l2tpns process in memory. Maximum number of host unreachable ICMP packets to send per second. </LI> +<LI><B>packet_limit</B> (int><BR> +Maximum number of packets of downstream traffic to be handled each +tenth of a second per session. If zero, no limit is applied (default: +0). Intended as a DoS prevention mechanism and not a general +throttling control (packets are dropped, not queued). +</LI> + <LI><B>cluster_address</B> (ip address)<BR> Multicast cluster address (default: 239.192.13.13). See the section on <A HREF="#Clustering">Clustering</A> for more information. @@ -360,23 +367,25 @@ define the body of the access-list. Standard access-list syntax: Extended access-lists: -<DL> - <DD>{<B>permit</B>|<B>deny</B>} <B>ip</B> +<DIV STYLE="margin-left: 4em; text-indent: -2em"> + <P>{<B>permit</B>|<B>deny</B>} <B>ip</B> {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>} - {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>} - <DD>{<B>permit</B>|<B>deny</B>} <B>udp</B> + {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>} [<B>fragments</B>] + <P>{<B>permit</B>|<B>deny</B>} <B>udp</B> {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>} [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>] {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>} [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>] - <DD>{<B>permit</B>|<B>deny</B>} <B>tcp</B> + [<B>fragments</B>] + <P>{<B>permit</B>|<B>deny</B>} <B>tcp</B> {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>} [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>] {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>} [{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>] [{<B>established</B>|{<B>match-any</B>|<B>match-all</B>} - {<B>+</B>|<B>-</B>}{<B>fin</B>|<B>syn</B>|<B>rst</B>|<B>psh</B>|<B>ack</B>|<B>urg</B>} ...] -</DL> + {<B>+</B>|<B>-</B>}{<B>fin</B>|<B>syn</B>|<B>rst</B>|<B>psh</B>|<B>ack</B>|<B>urg</B>} + ...|<B>fragments</B>] +</DIV> <H3 ID="users">users</H3>