#! /bin/bash

IPTABLES="sudo /sbin/iptables"

$IPTABLES --new-chain RATE-LIMIT
$IPTABLES --append INPUT --match conntrack --ctstate NEW --jump RATE-LIMIT
$IPTABLES --append RATE-LIMIT --match limit --limit 5/sec --limit-burst 20 --jump ACCEPT #5 packages per second
$IPTABLES --append RATE-LIMIT --jump DROP

echo "iptables input chain is now rate limiting"