Hello. I need help with connlimit extention. My problem is that when I issue: iptables -A INPUT -p tcp --syn --dport 23 -m connlimit --connlimit-above 10 -j REJECT I get an error: iptables: No chain/target/match by that name It seems to me that I have not patched kernel, as I do not have /usr/src/linux/include/linux/netfilter_ipv4/ipt_connlimit.h in my kernel sources. From HOWTO I know that I need to run runme to patch iptables and kernel. But when I issue command, it tells me that I've already have patched kernel and iptables: ************listing of runme************* # ./runme connlimit Hey! KERNEL_DIR is not set. Where is your kernel source directory? [/usr/src/linux] Hey! IPTABLES_DIR is not set. Where is your iptables source code directory? [/usr/src/iptables] /root/iptables Loading patchlet definitions...................................................................................... done Welcome to Patch-o-matic ($Revision: 3733 $)! Kernel: Â 2.6.11, /usr/src/linux Iptables: 1.3.1, /root/iptables Each patch is a new feature: many have minimal impact, some do not. Almost every one has bugs, so don't apply what you don't need! ------------------------------------------------------- Already applied: Excellent! Source trees are ready for compilation. ****************end of listing runme********************* I had the only kernel in my directory. I have right symlink. I exported KERNEL_DIR, IPTABLES_DIR, tried vanilla sources, but still no luck. Why ./runme tell me that everything is patched although it's not? How runme checks that I have this patch installed? Can I can install patch manually? BTW. iptables are patched normaly and I have: /usr/local/lib/iptables/libipt_connlimit.so file. What is the problem with kernel. Where is my problem? Thank you for your help in advance, Peter.
