Limit log messages option

what does limit log messages 10/minute do? log ten minutes then stop or log every ten minutes?

1 Like

After reaching the default burst rate limit (which is 5), the system will log 10 packets per minute, which roughly means one packet every 6 seconds.

IMO the minimum meaningful value (if you really want to inspect the rejected traffic) is 5/sec.

1 Like

What value should I use there?
A numeric value express in minute (i.e. 5 or 10) or a keyword combination (5/sec or 5/second or 600/m)?
What keyword can I use (sec, second, min)?

The limit specifies the maximum average number of matches (packets) to allow for a given time period.

You can also use parts of the time units:

3/second is the same as 3/sec and 3/s

1 Like