From d211d596c453c6df458ccbe86ae96cdaa24b96b5 Mon Sep 17 00:00:00 2001
From: Viyurz <viyurz@viyurz.fr>
Date: Sun, 25 Feb 2024 19:28:21 +0100
Subject: [PATCH] nftables: Bump burst to 10 packets.

---
 roles/nftables/templates/nftables.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/nftables/templates/nftables.conf b/roles/nftables/templates/nftables.conf
index 1a715c9..5fedc2c 100755
--- a/roles/nftables/templates/nftables.conf
+++ b/roles/nftables/templates/nftables.conf
@@ -38,10 +38,10 @@ table inet filter {
 		# Prevent DDoS
 		# Rate limiting
 		meta nfproto ipv4 meter ratelimit4 \
-			{ ip saddr limit rate over 50/second burst 5 packets } \
+			{ ip saddr limit rate over 50/second burst 10 packets } \
 			add @blackhole_ipv4 { ip saddr }
 		meta nfproto ipv6 meter ratelimit6 \
-			{ ip6 saddr limit rate over 50/second burst 5 packets } \
+			{ ip6 saddr limit rate over 50/second burst 10 packets } \
 			add @blackhole_ipv6 { ip6 saddr }
 		# Max concurrent connections
 		meta nfproto ipv4 meter connlimit4 \