A single rule is not enough because the dst-limit matcher matches the packets that are still below the packets-per-unit-of-time limit, not the ones exceeding it. So you have to create a custom chain (acting as a subroutine) which returns immediately for packets that do not exceed the limit for a given source and destination, and adds the source address of those that do exceed it to an address list before returning to the original chain. In the example the custom chain itself does not look at the destination address or port, so it is up to you whether to add a destination port or destination address match to the last rule (the optional dst-port list in the example). That last rule should be placed where you had intended to place your single rule in the chain you are protecting (forward in the example), using the place-before parameter. The dst-limit matcher measures packet rates separately for each combination of the properties selected by its mode (src-and-dst-addresses in the example); see the manual for details and the available property sets.
/ip firewall filter
# subroutine: packets within the per source/destination limit return immediately
add chain=limiter action=return dst-limit=10/5s,10,src-and-dst-addresses
# only packets over the limit reach this rule: record their source address
add chain=limiter action=add-src-to-address-list address-list=syn-rate-exceeded
add chain=limiter action=return
# the rule that feeds inbound SYNs into the subroutine; parameters in [ ] are optional
add chain=forward action=jump jump-target=limiter protocol=tcp tcp-flags=syn in-interface=ether1 [dst-port=22,443 place-before=3]
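The page's example fills the address list but never consumes it, and the listed entries would be permanent. The following is an added example (not from the original page or from MikroTik) that completes the rule set: the same subroutine with an entry timeout, a drop rule that uses the list, and the feeding rule with the optional ports filled in. The list name, the 10-minute timeout, the port numbers and the interface name are assumptions for illustration.

```routeros
# Added example, not the original page's configuration. Names, timeout and
# ports are assumed for illustration.
/ip firewall filter
# The tempting single rule would be the inverse of what is wanted: dst-limit
# matches while the rate is *within* the limit, so this would list well-behaved
# sources and never the flooding ones.
#   add chain=forward action=add-src-to-address-list dst-limit=10/5s,10,src-and-dst-addresses ...
# Subroutine: return while the SYN rate for this (src,dst) pair is within limit.
add chain=limiter action=return dst-limit=10/5s,10,src-and-dst-addresses
# Only packets over the limit reach this rule. The timeout makes the entry
# expire; without address-list-timeout the entry stays until removed by hand.
add chain=limiter action=add-src-to-address-list address-list=syn-rate-exceeded address-list-timeout=10m
add chain=limiter action=return
# Consumer of the list: drop further inbound traffic from listed sources.
# Rules are evaluated in order, so this is added before the jump, otherwise a
# listed source would still spend the subroutine's budget on every SYN.
add chain=forward action=drop in-interface=ether1 src-address-list=syn-rate-exceeded
# Feed only inbound SYNs for the chosen destination ports into the subroutine.
add chain=forward action=jump jump-target=limiter protocol=tcp tcp-flags=syn dst-port=22,443 in-interface=ether1
```

Two checks after applying it: `/ip firewall filter print` confirms that the drop rule sits above the jump (add `place-before=N` to both `add` commands if they must sit above an earlier accept rule; without it new rules are appended at the end), and `/ip firewall address-list print where list=syn-rate-exceeded` shows which sources have been listed and when their entries expire. Note that `tcp-flags=syn` also matches SYN-ACK packets; if the chain can see replies on the same interface, `tcp-flags=syn,!ack` restricts the count to connection attempts.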