I am doing some rate-limiting with IPtables, and I'm not sure if I should use "Recent" or "Limit".
What are the differences between the two? If they both achieve the same result, which one has better performance? I would like to know, regardless if any difference would be perceivable.
I am looking to ACCEPT if under limit, and REJECT if over. I'm thus not interested in bandwidth throttling; I don't want a queue.
I don't need any syntax examples, both have ample use examples online. I have also used Limit in the past.
I appreciate any responses.
I think this link explains both modules in good detail.
In short, the limit module puts a limit on the number of times a rule can be matched. The recent module enables you to create a dynamic list of IPs and then use this list to match in other rules differently (do special NATing, deny access, etc..).
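The difference described in the answer above, as an added example that is not part of the original thread: a simplified Python model of the two match semantics run over constructed traffic. It assumes `limit` is used as `--limit 2/second --limit-burst 2` and `recent` as `--set` on every packet followed by `--rcheck --seconds 1 --hitcount 3`; the class names, addresses and traffic pattern are made up for illustration.

```python
from collections import defaultdict, deque

class LimitMatch:
    """Simplified model of `-m limit --limit R/second --limit-burst B`:
    one token bucket shared by every packet reaching the rule."""
    def __init__(self, rate_per_sec, burst):
        self.rate, self.cap = rate_per_sec, burst * 1000  # counted in milli-tokens
        self.tokens, self.last_ms = self.cap, 0

    def under_limit(self, now_ms, src_ip):
        # src_ip is deliberately unused: the bucket is global, not per source
        self.tokens = min(self.cap, self.tokens + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False

class RecentMatch:
    """Simplified model of `-m recent --set` on every packet, then
    `-m recent --rcheck --seconds S --hitcount N` to pick out sources over the limit."""
    def __init__(self, seconds, hitcount):
        self.window_ms, self.hitcount = seconds * 1000, hitcount
        self.seen = defaultdict(deque)  # source IP -> timestamps inside the window

    def under_limit(self, now_ms, src_ip):
        hits = self.seen[src_ip]
        hits.append(now_ms)                       # --set records this packet
        while now_ms - hits[0] > self.window_ms:  # forget hits outside the window
            hits.popleft()
        return len(hits) < self.hitcount          # --rcheck matching means over limit

def simulate():
    noisy, quiet = "198.51.100.7", "203.0.113.5"  # constructed documentation addresses
    # Constructed traffic: noisy sends every 100 ms for 5 s, quiet sends 3 packets.
    packets = sorted([(t, noisy) for t in range(0, 5000, 100)] +
                     [(t, quiet) for t in (550, 2550, 4550)])
    modules = {"limit": LimitMatch(2, 2), "recent": RecentMatch(1, 3)}
    accepted = {name: {noisy: 0, quiet: 0} for name in modules}
    for now_ms, src in packets:
        for name, module in modules.items():
            if module.under_limit(now_ms, src):   # ACCEPT, otherwise REJECT
                accepted[name][src] += 1
    return accepted

if __name__ == "__main__":
    for name, counts in simulate().items():
        print(name, counts)
```

In this model the shared `limit` bucket is drained by the noisy source, so the quiet source is rejected too, while `recent` tracks each source separately and keeps rejecting the noisy one for as long as it keeps sending.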