Hello. I have a problem with the connlimit module for iptables.
~ # uname -r
2.6.15-gentoo-r1
~ # grep -i match_limit /usr/src/linux/.config
CONFIG_IP_NF_MATCH_LIMIT=m
~ # lsmod | grep limit
ipt_limit 2240 2
~ # iptables -V
iptables v1.3.4
~ # equery uses iptables
[ Searching for packages matching iptables... ]
[ Colour Code : set unset ]
[ Legend : Left column (U) - USE flags from make.conf ]
[ : Right column (I) - USE flags packages was installed with ]
[ Found these USE variables for net-firewall/iptables-1.3.4 ]
U I
+ + extensions : Enable support for 3rd patch-o-matic extensions
- - ipv6 : Adds support for IP version 6
- - static : !!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically
--- end of code

... and finally:

~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP
iptables: No chain/target/match by that name

There is different error information in the newer version (1.3.5) of iptables:

Code:
~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP
iptables: Unknown error 4294967295

Other rules added to the OUTPUT chain work fine; only connlimit produces errors. Is it a bug (should I send it to bugtrack), or is there something wrong with my system, or bad syntax in my use of connlimit?

--
Best regards,
MZ
--
gentoo-user@gentoo.org mailing list