Re: -m recent


 



Stephen Frost wrote:

iptables -A INPUT -i eth0 -p all -m recent --name icmps --update -j DROP

iptables -N icmps
iptables -A INPUT -i eth0 -p icmp -j icmps
iptables -A icmps -m recent --name icmps --set -j DROP
iptables -A icmps -j DROP

This looks good to me..  Can you tell me what version of ipt_recent
you're using?  An old version had a bug where the --name only worked
when it was the last option, that may be the problem.

	Stephen

Hey Stephen,

How can I tell what version of ipt_recent I have? I downloaded the latest version of patch-o-matic and installed your patch from there.

I tried using --name in different places but it still doesn't seem to work for whatever reason. Here's what I've tested with now.

iptables -A INPUT -i eth0 -p all -m recent --update -j DROP --name icmps

iptables -N icmps
iptables -A INPUT -p icmp -i eth0 -j icmps
iptables -A icmps -m limit --limit 2/hour --limit-burst 1 -j LOG --log-level alert --log-prefix "icmp: "
iptables -A icmps -m recent --set -j DROP --name icmps
iptables -A icmps -j DROP

Thanks.


