Hello.

I have a problem with the connlimit module for iptables.

~ # uname -r
2.6.15-gentoo-r1

~ # grep -i match_limit /usr/src/linux/.config
CONFIG_IP_NF_MATCH_LIMIT=m

~ # lsmod | grep limit
ipt_limit 2240 2

~ # iptables -V
iptables v1.3.4

~ # equery uses iptables
[ Searching for packages matching iptables... ]
[ Colour Code : set unset ]
[ Legend : Left column (U) - USE flags from make.conf ]
[ : Right column (I) - USE flags packages was installed with ]
[ Found these USE variables for net-firewall/iptables-1.3.4 ]
U I
+ + extensions : Enable support for 3rd patch-o-matic extensions
- - ipv6 : Adds support for IP version 6
- - static : !!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically
--- end of code

... and finally:

~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP
iptables: No chain/target/match by that name

There is different error information in the newer version (1.3.5) of iptables:

Code:
~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP
iptables: Unknown error 4294967295

Other rules added to the OUTPUT chain work fine; only connlimit produces
errors. Is it a bug (should I send it to the bug tracker), or is there something
wrong with my system, or bad syntax in my use of connlimit?

--
Best regards, MZ
--
gentoo-user@g.o mailing list