Greetings folks,
I've been researching the various iptables modules that are included
with the stock CentOS4 distro; particularly the connlimit module.
Is connlimit included by default?
I thought it was, since performing
# iptables -m connlimit --help
returns information on connlimit usage along with the general iptables
help info:
<SNIP>
connlimit v1.2.11 options:
[!] --connlimit-above n    match if the number of existing tcp
                           connections is (not) above n
    --connlimit-mask n     group hosts using mask
</SNIP>
The library seems to exist also:
/lib/iptables/libipt_connlimit.so
However, creating a rule that uses connlimit fails:
# iptables -A INPUT -p tcp -m connlimit --connlimit-above 2 --dport \
smtp -j REJECT
iptables: No chain/target/match by that name
#
So, am I missing something simple? Or am I limited to using netfilter's
patch-o-matic and compiling a custom kernel (that I *really* do not want
to do)?
Thank you so much,
Andrew Hull
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos