diff --git a/iptables/iptables_conntrack.sh b/iptables/iptables_conntrack.sh
index ca7941f..624eab4 100644
--- a/iptables/iptables_conntrack.sh
+++ b/iptables/iptables_conntrack.sh
@@ -1,9 +1,9 @@
 #!/bin/bash
 ## Iptables 2016-07-21
 ## http://www.aqzt.com
-##email: ppabc@qq.com
-##robert yu
-##centos 7
+## email: ppabc@qq.com
+## robert yu
+## centos 7
 
 
 #查看
diff --git a/iptables/iptables_limit.sh b/iptables/iptables_limit.sh
new file mode 100644
index 0000000..27a2672
--- /dev/null
+++ b/iptables/iptables_limit.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+## Iptables 2016-09-23
+## http://www.aqzt.com
+## email: ppabc@qq.com
+## robert yu
+## centos 6
+## iptables 流量限制，可以通过调整--limit-burst 10值来控制流入 流出
+/sbin/iptables -F
+
+/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -s 127.0.0.1 -j ACCEPT
+/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+/sbin/iptables -A INPUT -s 192.168.1.111 -j ACCEPT
+/sbin/iptables -A INPUT -s 192.168.1.112 -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 22  -j ACCEPT
+/sbin/iptables -A INPUT  -p tcp --dport 80  -j ACCEPT
+/sbin/iptables -A INPUT -s 192.168.56.101 -m limit --limit 2400/s --limit-burst 10 -j ACCEPT 
+/sbin/iptables -A INPUT -s 192.168.56.101 -j DROP
+/sbin/iptables -A FORWARD -d 192.168.56.101 -m limit --limit 2400/s --limit-burst 10 -j ACCEPT 
+/sbin/iptables -A FORWARD -d 192.168.56.101 -j DROP
+/sbin/iptables -A FORWARD -s 192.168.56.101 -m limit --limit 2400/s --limit-burst 10 -j ACCEPT 
+/sbin/iptables -A FORWARD -s 192.168.56.101 -j DROP
+/sbin/iptables -A OUTPUT  -s 192.168.56.101 -m limit --limit 2400/s --limit-burst 10 -j ACCEPT 
+/sbin/iptables -A OUTPUT  -s 192.168.56.101 -j DROP
+/sbin/iptables -A INPUT -j REJECT
+/sbin/iptables -A FORWARD -j REJECT
+/sbin/iptables -A OUTPUT -j ACCEPT
+
+/sbin/service iptables save
+echo ok
\ No newline at end of file