From fd46313f932c138ad02985b197419c105deee3a6 Mon Sep 17 00:00:00 2001
From: Viyurz <128215328+Viyurz@users.noreply.github.com>
Date: Wed, 29 Nov 2023 19:00:29 +0000
Subject: [PATCH] nftables: Reorder rules + lowered rates
---
 nftables.conf | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/nftables.conf b/nftables.conf
index 9878bbf..873094b 100755
--- a/nftables.conf
+++ b/nftables.conf
@@ -11,15 +11,15 @@ table inet filter {
 ct state invalid drop
 ct state { established, related } accept
- # Allow ICMP
- meta l4proto icmp limit rate 2/second accept
- meta l4proto ipv6-icmp limit rate 2/second accept
-
+ # HTTP
+ tcp dport { http, https } limit rate 5/second accept
+
 # SSH
 tcp dport 995 limit rate 15/minute accept
- # HTTP
- tcp dport { http, https } limit rate 25/second accept
+ # Allow ICMP
+ meta l4proto icmp limit rate 1/second accept
+ meta l4proto ipv6-icmp limit rate 1/second accept
 }
 chain forward {
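Review bot: The `limit rate 5/second` on the new `tcp dport { http, https }` rule is one bucket shared by every source, so a single client opening connections can use the whole budget, and legitimate clients then fall through to whatever follows these rules (the chain policy is outside the hunk, presumably drop). Because established traffic is already accepted above, the limit only governs new connections, and a per-source limit would hold up better, e.g. `tcp dport { http, https } ct state new meter http4 { ip saddr limit rate 5/second } accept` with an `ip6 saddr` counterpart, or a dynamic set on newer nftables. The lowered `meta l4proto ipv6-icmp limit rate 1/second accept` has the same shape and, as far as I can tell, also covers neighbour discovery, which the `established, related` rule does not pick up; consider accepting the ND types in their own rule ahead of the limited one. A one-line comment above each limit saying that it is global rather than per-source, and why the value was chosen, would help the next reader.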