Hello.
I have problem with connlimit module for iptables.
~ # uname -r
2.6.15-gentoo-r1
~ # grep -i match_limit /usr/src/linux/.config
CONFIG_IP_NF_MATCH_LIMIT=m
~ # lsmod | grep limit
ipt_limit 2240 2
~ # iptables -V
iptables v1.3.4
~ # equery uses iptables
[ Searching for packages matching iptables... ]
[ Colour Code : set unset ]
[ Legend : Left column (U) - USE flags from make.conf
]
[ : Right column (I) - USE flags packages was installed
with ]
[ Found these USE variables for net-firewall/iptables-1.3.4 ]
U I
+ + extensions : Enable support for 3rd patch-o-matic extensions
- - ipv6 : Adds support for IP version 6
- - static : !!do not set this during bootstrap!! Causes binaries
to be statically linked instead of dynamically
--- end of code
... and finally:
~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP
iptables: No chain/target/match by that name
There is different error information in newer version (1.3.5) of iptables:
Code:
~ # iptables -I OUTPUT -m connlimit --connlimit-above 50 -j DROP
iptables: Unknown error 4294967295
Other rules added to OUTPUT chain works fine, only connlimit produce
errors. Is it a bug (should I send it on bugtrack) or there is something
wrong with my system or bad syntax with using connlimit?
--
Best regards, MZ
--
gentoo-user@gentoo.org mailing list
