My problem is that it doesn't seem to work with the merged version:
iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m
connlimit --connlimit-above 20 --connlimit-mask 32 -j DROP
iptables: Invalid argument
connlimit is compiled in:
CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y
Jan Engelhardt wrote:
On Thursday 2008-04-03 14:08, Bgs wrote:
Greetings,
I tried to compile the above setup but the compilation fails. I've
seen this error with 2.6.23/2.6.24 kernels before but used 2.6.22.X in
production. Has anything changed in the way to patch it?
pom is pretty much an ancient blob of code, being replaced by
xtables-addons. connlimit has been merged into mainline, btw.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
