increasing ip_list_tot in net/netfilter/xt_recent.c for a non-modular kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I'm curious if there's a better solution than local patching like:

diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 0446307516cd..e482d4a3fadf 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -40,7 +40,7 @@ MODULE_LICENSE("GPL");
 MODULE_ALIAS("ipt_recent");
 MODULE_ALIAS("ip6t_recent");

-static unsigned int ip_list_tot __read_mostly = 100;
+static unsigned int ip_list_tot __read_mostly = 10000;
 static unsigned int ip_list_hash_size __read_mostly;
 static unsigned int ip_list_perms __read_mostly = 0644;
 static unsigned int ip_list_uid __read_mostly;

here under a hardened Gentoo Linux using iptables ?

--
Toralf
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux