X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Fferm%2Ffiles%2Fferm.conf;h=5b38e34c31723e0379157a63e1dad0a9e8e390e6;hb=0342b6075bff7217a4f16a85bebee4da586749a4;hp=a88d797c0bd4bdef6d95aa1a3d965168a6d9f44b;hpb=3862d6ae4f4315a6da98fa54cbb2c0a79c74d83b;p=dsa-puppet.git

diff --git a/modules/ferm/files/ferm.conf b/modules/ferm/files/ferm.conf
index a88d797c..5b38e34c 100644
--- a/modules/ferm/files/ferm.conf
+++ b/modules/ferm/files/ferm.conf
@@ -16,8 +16,8 @@ domain ip {
               }
 
               chain log_or_drop {
-                      mod hashlimit hashlimit-name ulogreject  hashlimit-mode srcip hashlimit-burst 30 hashlimit 15/second jump log_and_reject;
-                      mod hashlimit hashlimit-name uloglogdrop hashlimit-mode srcip hashlimit-burst 30 hashlimit 15/second ULOG ulog-prefix "DROP: ";
+                      mod hashlimit hashlimit-name ulogreject  hashlimit-mode srcip hashlimit-burst 10 hashlimit 1/second jump log_and_reject;
+                      mod hashlimit hashlimit-name uloglogdrop hashlimit-mode srcip hashlimit-burst 10 hashlimit 1/second ULOG ulog-prefix "DROP: ";
                       DROP;
               }
 
@@ -32,8 +32,8 @@ domain ip6 {
               }
 
               chain log_or_drop {
-                      mod hashlimit hashlimit-name logreject  hashlimit-mode srcip hashlimit-burst 30 hashlimit 15/second jump log_and_reject;
-                      mod hashlimit hashlimit-name loglogdrop hashlimit-mode srcip hashlimit-burst 30 hashlimit 15/second LOG log-prefix "DROP: ";
+                      mod hashlimit hashlimit-name logreject  hashlimit-mode srcip hashlimit-burst 10 hashlimit 1/second jump log_and_reject;
+                      mod hashlimit hashlimit-name loglogdrop hashlimit-mode srcip hashlimit-burst 10 hashlimit 1/second LOG log-prefix "DROP: ";
                       DROP;
               }
         }