1
2
3
4
5
6
7
8
9
iptables -A INPUT -p icmp -m limit --limit 39.6/m --limit-burst 1 -j DROP


# it will cause 2 out of 3 icmp replies to fail when executing a ping like
# ping -c 3 -i 1 -w 3 10.10.10.10
#
# we needed 1 out of 3 successful ping replies in, so that's 2/3 ~= 0.67 replies per second
# since we cannot use less than 0 values, we up the scale to the minute, so
# 0.67 * 60 = 39.6 replies in 1 minute :-)