Well, up until now I've considered iptables rate-limit commands with the "recent" module to work for each IP address. For example, a rate-limit rule of 20k/s will trigger only if a single IP exceeds a 20k/s rate, and not if 4 different IPs exceed a 5k/s rate. Please correct me if I considered this wrong, as I've only used these rules for TCP/UDP.
But today I tried similar rules for ICMP and applied 4/s Input/Output. But then, on trying to ping-test from just-ping.com, I could see packet loss on almost all IP addresses. How could that happen? If it worked for each IP address, then it wouldn't be triggering the rule, because I believe each IP from just-ping has a rate of probably 1/s.
I still think the first one is true, because if it wasn't, then my GameServer would block everyone if the combined rate (in case of more connected players) exceeded the threshold. This hasn't happened up until now, so the ICMP thing really confused me.
Thank you.
UPDATE
Here is my config:
-A INPUT -p icmp -m recent --set --name PING --rsource
-A INPUT -p icmp -m recent --update --seconds 1 --hitcount 4 --name PING --rsource -j DROP
-A OUTPUT -p icmp -m recent --set --name PING2 --rsource
-A OUTPUT -p icmp -m recent --update --seconds 1 --hitcount 4 --name PING2 --rsource -j DROP
Okay, after some research into this one as well, I see that the ICMP echo-request, when made through multiple IPs or even in MTR packets, is probably not actually 1/s. Setting it as high as 20/s makes it work well, and the packets are no longer blocked, though I still couldn't find why the rate is more than 5/s for echo-request.
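Added example, not part of the original post: a simplified Python model of the `recent` match, showing which address the list is keyed on. On OUTPUT, `--rsource` records the server's own address, so replies to every remote host share one counter, while `--rdest` keys on the remote peer. The addresses and traffic are constructed, and the model ignores the kernel's cap on stored timestamps per entry.

```python
from collections import defaultdict

SERVER = "192.0.2.10"  # constructed address for the host running iptables

class RecentList:
    """Simplified model of one `-m recent --name X` list."""
    def __init__(self):
        self.stamps = defaultdict(list)  # tracked address -> packet timestamps

    def set(self, addr, now):
        # --set: record a timestamp for this address
        self.stamps[addr].append(now)

    def update(self, addr, now, seconds, hitcount):
        # --update --seconds S --hitcount N: match when the address has at
        # least N timestamps in the last S seconds; a match is recorded too
        recent = [t for t in self.stamps.get(addr, []) if now - t <= seconds]
        if len(recent) >= hitcount:
            self.stamps[addr].append(now)
            return True
        return False

def echo_replies(n_hosts, duration):
    """Constructed OUTPUT traffic: one reply per second to each remote host."""
    return [(s + i / n_hosts, SERVER, f"198.51.100.{i + 1}")
            for s in range(duration) for i in range(n_hosts)]

def count_drops(packets, key, seconds=1, hitcount=4):
    """Run (time, src, dst) packets through the --set / --update ... -j DROP pair."""
    lst, drops = RecentList(), 0
    for now, src, dst in sorted(packets):
        addr = src if key == "rsource" else dst  # --rsource vs --rdest
        lst.set(addr, now)
        if lst.update(addr, now, seconds, hitcount):
            drops += 1
    return drops

if __name__ == "__main__":
    replies = echo_replies(n_hosts=8, duration=3)
    print("OUTPUT --rsource drops:", count_drops(replies, "rsource"))
    print("OUTPUT --rdest drops:  ", count_drops(replies, "rdest"))
```

With eight hosts each pinging once per second, the `--rsource` list on OUTPUT sees 8 packets/s under a single key and drops most replies; keyed on the destination, no host reaches the hit count.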