Problem with connlimit patched kernel 2.6.23

Hello. We're having difficulty getting iptables to work with connlimit.
We're running the latest kernel 2.6.23, and the connlimit modules
are compiled into the kernel.

When I try to add the rule,
iptables -v -A INPUT -p tcp --dport 80 -m connlimit --connlimit-above 16 -j DROP
I get the following back:
DROP  tcp opt -- in * out *  0.0.0.0/0  -> 0.0.0.0/0  tcp dpt:80 #conn/32 > 16
iptables: Invalid argument

It then puts the following message into /var/log/messages:
ip_tables: connlimit match: invalid size 32 != 16

Any help is greatly appreciated.
Thank you,
Paul Rubin
equilter@xxxxxxxxxxxx