@bipton said in The traffic download limit only applies half of what I give it. why?:

rules used default gateway

There is this, scheduled for 2.8...?

https://redmine.pfsense.org/issues/14854
"...if the gateway is left to default the limiter works as expected but if a specific gateway or a gateway group is specified the limiter [drops by half]."

@adrianx

in the mean time you could try and find the differences between the DDOS packets & the good packets by doing packet captures (& analyzing them in wireshark)

If you set pfBlocker to "native alias" instead of block, that will just create an alias and you can create your own block/allow rules however you want them.

@bobbenheim said in How to limit incoming packets per second per ip?:

@NogBadTheBad Doing bandwidth limiting i can understand, packet limiting i can not :)

Yup I'm not sure he actually means packet limiting ☺