- fw3_pr("-A syn_flood -p tcp --syn");
- fw3_format_limit(&defs->syn_flood_rate);
- fw3_pr(" -j RETURN\n");
-
- fw3_pr("-A syn_flood -j DROP\n");
- fw3_pr("-A delegate_input -p tcp --syn -j syn_flood\n");
+ r = fw3_ipt_rule_create(handle, &tcp, NULL, NULL, NULL, NULL);
+ fw3_ipt_rule_extra(r, "--syn");
+ fw3_ipt_rule_limit(r, &defs->syn_flood_rate);
+ fw3_ipt_rule_target(r, "RETURN");
+ fw3_ipt_rule_append(r, "syn_flood");
+
+ r = fw3_ipt_rule_new(handle);
+ fw3_ipt_rule_target(r, "DROP");
+ fw3_ipt_rule_append(r, "syn_flood");
+
+ r = fw3_ipt_rule_create(handle, &tcp, NULL, NULL, NULL, NULL);
+ fw3_ipt_rule_extra(r, "--syn");
+ fw3_ipt_rule_target(r, "syn_flood");
+ fw3_ipt_rule_append(r, "delegate_input");