| 1 |
Hello. |
| 2 |
|
| 3 |
I have problem with connlimit module for iptables. |
| 4 |
|
| 5 |
~ # uname -r |
| 6 |
2.6.15-gentoo-r1 |
| 7 |
|
| 8 |
~ # grep -i match_limit /usr/src/linux/.config |
| 9 |
CONFIG_IP_NF_MATCH_LIMIT=m |
| 10 |
|
| 11 |
~ # lsmod | grep limit |
| 12 |
ipt_limit 2240 2 |
| 13 |
|
| 14 |
~ # iptables -V |
| 15 |
iptables v1.3.4 |
| 16 |
|
| 17 |
~ # equery uses iptables |
| 18 |
[ Searching for packages matching iptables... ] |
| 19 |
[ Colour Code : set unset ] |
| 20 |
[ Legend : Left column (U) - USE flags from make.conf |
| 21 |
] |
| 22 |
[ : Right column (I) - USE flags packages was installed |
| 23 |
with ] |
| 24 |
[ Found these USE variables for net-firewall/iptables-1.3.4 ] |
| 25 |
U I |
| 26 |
+ + extensions : Enable support for 3rd patch-o-matic extensions |
| 27 |
- - ipv6 : Adds support for IP version 6 |
| 28 |
- - static : !!do not set this during bootstrap!! Causes binaries |
| 29 |
to be statically linked instead of dynamically |
| 30 |
--- end of code |
| 31 |
|
| 32 |
|
| 33 |
... and finally: |
| 34 |
|
| 35 |
|
| 36 |
~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP |
| 37 |
iptables: No chain/target/match by that name |
| 38 |
|
| 39 |
|
| 40 |
There is different error information in newer version (1.3.5) of iptables: |
| 41 |
|
| 42 |
Code: |
| 43 |
~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP |
| 44 |
iptables: Unknown error 4294967295 |
| 45 |
|
| 46 |
|
| 47 |
Other rules added to OUTPUT chain works fine, only connlimit produce |
| 48 |
errors. Is it a bug (should I send it on bugtrack) or there is something |
| 49 |
wrong with my system or bad syntax with using connlimit? |
| 50 |
|
| 51 |
-- |
| 52 |
Best regards, MZ |
| 53 |
-- |
| 54 |
gentoo-user@g.o mailing list |
Archives