LinuxQuestions.org
08-20-2022, 09:00 AM   #1
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240
nftables - rule for filter


Hello,

Is it possible to have some nft rule that, let's say, accepts packets on a port, and add to it logging and rate limiting only the logging? So all this in the same rule.

Code:
table inet filter {
        chain INPUT {
                type filter hook input priority filter; policy accept;
                iif "lo" accept
                ct state established,related accept
                tcp dport 22 accept
                tcp dport 23 ct state new log prefix "New crap connections: " accept
                counter packets 87 bytes 15497 drop
        }
}
For instance, the rule for port 23 works. But I cannot add rate limit 20/minute at the end before accept.
Any ideas if something like that is possible?
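
The ruleset below is an added example, not code from the original post or from the nftables project, showing the effect the question asks for: every new connection to tcp/23 is accepted, but at most 20 of them per minute are logged. It cannot be done in a single rule because in nftables the limit statement is a match, not an action: a rule containing `limit rate 20/minute` matches only while the token bucket has tokens, and once the rate is exceeded the whole rule stops matching, so a trailing `accept` in that same rule would stop firing as well and the packet would fall through to the final drop. The logging therefore goes into its own rule without a verdict, and the accept follows in a second rule. Table, chain and log prefix names are taken from the ruleset above; the `burst 5 packets` value and the leading `flush ruleset` (so the file can be reloaded with `nft -f`) are assumptions added here.

```nft
#!/usr/sbin/nft -f
# Added example, not from the original post: accept every new connection to
# tcp/23, but log at most 20 of them per minute.
#
# Why this takes two rules: "limit rate N/minute" is a match, not an action.
# A rule carrying it matches only while tokens remain; once the rate is
# exceeded the whole rule stops matching, so an "accept" at the end of the
# same rule would stop firing too and the packet would fall through to the
# final drop. Putting the log in its own verdict-less rule decouples the two:
# the log rule either fires or is skipped, and evaluation then continues to
# the unconditional accept either way.

flush ruleset

table inet filter {
        chain INPUT {
                type filter hook input priority filter; policy accept;
                iif "lo" accept
                ct state established,related accept
                tcp dport 22 accept

                # Rule 1: rate-limited log, no verdict. "burst 5 packets" is
                # an assumed value (not in the original post); it lets a short
                # spike be logged before the 20/minute rate takes over.
                tcp dport 23 ct state new limit rate 20/minute burst 5 packets log prefix "New crap connections: "

                # Rule 2: the accept, reached whether or not rule 1 logged.
                tcp dport 23 accept

                # Everything else is counted and dropped, as in the original.
                counter drop
        }
}
```

Load it with `nft -f <file>`, or `nft -c -f <file>` to only parse and check it. The `over` keyword that comes up later in the thread inverts the match: `limit rate over 20/minute` matches only the packets that exceed the rate, so the same result in that form is an `accept` with no log for the excess, followed by a plain log-and-accept rule for the rest. In either form the rate-limited log and the accept verdict have to sit in different rules.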
 
08-20-2022, 07:32 PM   #2
dave67
Member

Registered: Apr 2007
Posts: 421
I know nothing about this topic. But this may be of use to you

https://wiki.nftables.org/wiki-nftab...ule_management
 
08-21-2022, 05:45 AM   #3
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Original Poster
Yeah, I'd need something better than the official documentation of nftables which I've already checked.
 
08-26-2022, 05:22 PM   #4
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Original Poster
I'm slowly starting to wonder why I keep posting here...
 
08-26-2022, 06:18 PM   #5
TB0ne
LQ Guru

Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,658
Quote:
Originally Posted by vincix
Yeah, I'd need something better than the official documentation of nftables which I've already checked.
Oh?
https://wiki.nftables.org/wiki-nftab...0is%20accepted.
https://wiki.nftables.org/wiki-nftab...ting_matchings

Would seem to indicate that the syntax would be "limit rate 20/minute", not "rate limit". You don't tell us what version/distro of Linux or nftables you're using, or tell us anything past you "cannot add" something...no errors/messages to help anyone diagnose anything. Not sure what could be much better than the official documentation when it comes to how to use something.
Quote:
Originally Posted by vincix
I'm slowly starting to wonder why I keep posting here...
Then don't; may want to look at the search function here first, though, as a similar question was asked/answered not long ago:
https://www.linuxquestions.org/quest...05#post6269005

Good luck.

Last edited by TB0ne; 08-26-2022 at 06:19 PM.
 
08-26-2022, 06:25 PM   #6
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Original Poster
Why are you even bothering to answer if you're not going to actually read the post? This obnoxious arrogance while answering like a robot isn't really honouring you.
My question was related to limiting only the logging part within the same rule! How are the linked pages (which I've already read) actually addressing this?

Indeed, I didn't mention the version, because I think it's somewhat less relevant in this context, as I'm interested in whether nftables in general would be capable of that.

Last edited by vincix; 08-26-2022 at 06:28 PM.
 
08-26-2022, 07:20 PM   #7
TB0ne
LQ Guru

Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,658
Quote:
Originally Posted by vincix
Why are you even bothering to answer if you're not going to actually read the post? This obnoxious arrogance while answering like a robot isn't really honouring you. My question was related to limiting only the logging part within the same rule! How are the linked pages (which I've already read) actually addressing this?
Why are you even bothering to post, since you obviously didn't read the reply?? You were told the syntax you posted was incorrect, asked whether you checked it, and asked to post any relevant errors/messages. You did none of that. The thread asked last year has the solution, which only needs some modifications...which can be found in the nftables docs, which you claim aren't good enough for you. The other LQ post (which you couldn't be bothered to look up), says specifically "limit rate over 3/minute". That would indicate that if you possibly CHANGED IT to say "over 20/minute", it may do what you need.
Quote:
Indeed, I didn't mention the version, because I think it's somewhat less relevant in this context, as I'm interested in whether nftables in general would be capable of that.
Yes...SOME VERSIONS are. Some aren't. Which is the reason for asking.

You want to whine about not getting answers, and spout off about others 'obnoxious arrogance', then ignore what you get told and make snotty comments. And you wonder why no one answers you here???
 
08-26-2022, 07:52 PM   #8
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Original Poster
Do you have any other old farts up your sleeve that you want to share? You know, some template to copy/paste such as (I know you like to do that a lot) telling me that I shouldn't post in this forum if I have a paid Red Hat license or something to that effect? Indeed, the syntax was wrong, but that's not the crux of the problem, which you in an obstinate and senile manner keep ignoring.

In any case, this is always a dead-end with you, so I'll stop here. Do go on and throw those obsolete farts at people, they're going to love it and be encouraged to continue to post.
 
08-27-2022, 07:36 AM   #9
dave67
Member

Registered: Apr 2007
Posts: 421
You are wondering why no one is replying. Read post 8. If you act like this on other forums you will get the same result, or they may even ban you depending on their forum rules.
 
08-27-2022, 08:59 AM   #10
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Original Poster
Quote:
Originally Posted by dave67
You are wondering why no one is replying. Read post 8. If you act like this on other forums you will get the same result, or they may even ban you depending on their forum rules.
You are perfectly right, also in regards to the ban. At least under normal circumstances. But the awful truth is that TB0ne is by all intents and purposes a bully. Plain and simple. Have a look at his (even recent) history and maybe you can form your own opinion about him. He has a passionate interest in aggressively teaching people a lesson under the guise of help. That's his only goal and that's his fetish. All his questions are accompanied by at least three question marks, so that he makes sure you know that he's digitally screaming at you. When he helps, he almost does it by mistake.

I know I haven't reacted properly and I don't really take pride in this, it's shitty, indeed, but I felt the need of defending myself equally aggressively. I guess one of my mistakes is partially conflating this forum with his presence, 'cause he is omnipresent here unfortunately. That's not to say that I underestimate the importance of the forum rules, it's frustrating to see people writing half-baked posts asking for help, I know that.

Randomly chosen from his history, have a look at this post (4): https://www.linuxquestions.org/quest...6/#post6375416
There's no shortage of these kinds of posts when it comes to this dinosaur-matron.

By the way, I wondered why no one replied way before writing post 8 :-) So that's not strictly logical.

Last edited by vincix; 08-27-2022 at 09:00 AM.
 
08-27-2022, 10:13 AM   #11
TB0ne
LQ Guru

Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,658
Quote:
Originally Posted by vincix
Do you have any other old farts up your sleeve that you want to share? You know, some template to copy/paste such as (I know you like to do that a lot) telling me that I shouldn't post in this forum if I have a paid Red Hat license or something to that effect? Indeed, the syntax was wrong, but that's not the crux of the problem, which you in an obstinate and senile manner keep ignoring.
Probably because you don't actually *TELL ANYONE* what the problem is. You now claim the syntax was wrong, but still provide nothing more in the way of errors/messages, do you??? And still won't provide details, even though you've been asked. What, exactly, do you think anyone can tell you in regards to your first post, when you give no one anything to work with past nftables and "not working"?? You don't SAY what the 'crux of the problem' is, and it's now shifted from post #1 ("cannot add"), to post #6 ("is it possible?"). Again, in simple terms just for you...yes, it's possible, depending on version of nftables, using the syntax you were handed.
Quote:
In any case, this is always a dead-end with you, so I'll stop here. Do go on and throw those obsolete farts at people, they're going to love it and be encouraged to continue to post.
Grow up; love how you play the 'bully' card, when your posting history is littered with snark and other crap. Funny how you ignore what you've been told about the syntax, and don't provide details. And you wonder why you can't get answers.

The stock Debian 10 nftables doesn't do what you want...which is why you were asked about version/distro, and nftables. Can't/won't even bother answering. You were given links to syntax which you need 'better', apparently, and a link to a post with an nftables set that requires a tiny bit of modification. And all that is not enough for you.

When you say you need 'better' documentation, I'm guessing that translates to, "I'm very important and smart, so I can't be bothered to read the documentation..someone read it for me, and tell me exactly what to type in.".

Again, good luck and grow up.
Quote:
Originally Posted by vincix
By the way, I wondered why no one replied way before writing post 8 :-) So that's not strictly logical.
Don't wonder; no one responds to you because of your behavior. And if more than one question mark somehow triggers you, see a doctor.

Last edited by TB0ne; 08-27-2022 at 10:21 AM.
 
08-27-2022, 10:33 AM   #12
vincix
Senior Member

Registered: Feb 2011
Distribution: Ubuntu, Centos
Posts: 1,240

Original Poster
And yet this is what you are, a classical bully who rarely if ever has any actual intention of helping while going on and on about people's not being willing to read the documentation and all that crap. My post history cannot hold a candle to the cesspool you've poured over the threads you've been involved in. This is not even a matter of opinion. You're stricken with hysteria and you're telling others to grow up.
 
08-27-2022, 11:05 AM   #13
rtmistler
Moderator

Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,883
Blog Entries: 13
Assuming that eventually Jeremy will deal with this since this subforum's moderators haven't been active for years.

vincix,

You do need to not say things like post #4 for politeness' sake and if you wish for help.

Moving forwards, you do need to be less reactive to taunts and especially where you add common insults, profanities, and arguments with your responses.

TB0ne,

You've shown a lengthy history of being firm with answers. While you tend to always include something regarding technical advice, you know very well that off-topic arguing alone is a problem, so I feel you are conveniently skirting this type of situation.

----------

The arguing needs to stop, this thread is a train wreck.

While I can't edit posts here or remove them, or lock the thread, I and other mods can give you warnings, infractions, and bans.

As your elders likely taught you, "if you have nothing nice to say, then say nothing"

Stay on topic, no more combined arguments posts with continued reminders and/or side along advice.

No more CAPS.

Give advice alone and give results feedback solely to help make further progress.

Or not if there's no advice.

I wouldn't notice this if neither or both of you weren't reporting posts, but now those reports are there and no one is resolving them, so one month, one day, one year if I happen to recheck and find that the two of you have continued, I will then take action. I'm NOT going to monitor this daily, I don't actually visit this subforum much. I'm not on LQ 24x7x365, and I don't WANT to have to act.

But I will.
 