docs(config): Document hitcount and ICMP use with example config

2022-07-16 02:09:56 +02:00 · 2022-07-16 02:09:56 +02:00 · 6b5d54ecdf
commit 6b5d54ecdf
parent f4e31ceebe
1 changed files with 10 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -110,10 +110,18 @@ addr =
 ports = 80, 443
 proto = tcp
 state = NEW
+hitcount =
 do_ipv6 = false
 firewalld_direct_file_abs = /etc/firewalld/direct.xml
 restart_firewalld_after_change = true

+[anyone-may-icmp-with-limit]
+addr =
+ports =
+proto = icmp
+state = NEW,UNTRACKED
+hitcount = 120/60
+
 [anyone-can-access-website]

 # Unsetting 'proto' while having a 'ports' value results in an invalid section
@ -128,8 +136,9 @@ addr = 2606:4700:20::681a:804, lowendtalk.com
 ports = 80, 443
 do_ipv6 = true

-[allow-anyone-to-access-mail-services]
+[anyone-may-access-mail-services]
 ports = 143, 993, 110, 995, 25, 465, 587
+hitcount = 120/60

 [deny-all]
 target = DROP