add firewall bridge mode so it can be used as
layer 2 inline bridge for either DDoS protection
or firewall filter by iptable rules configured in
netfilter filter table forward chain.
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
Having raised the overall log rate limit to 10 packet per second
in Core Update 136, this did not affected rules generated by the
user. In order to stay consistent, this patch also raises log rate
limit for these.
In order to avoid side effects on firewalls with slow disks, it
was probably better touch these categories separately, so testing
users won't be DoSsed instantly. :-)
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
Packets destined for the firewall coming in from the blue
device where accepted too early to be processed by the
firewall input chain rules.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
