Funny... IPV4 is marked as experimental. And I can compile in
ftp/irc/etc contrack helpers without enabling ipv4 conntrack. Shouldn't
this be a dependency? (require ipv4 or ipv6 conntrack)
Also: the connlimit description says: "This match allows you to match
against the number of parallel connections to a server per client IP
address (or address block)." 1) It's a conntrack module 2) it states
that it's an ipvX module -> but it does not depend on having ipvX
conntrack enabled.
Just recompiled and the rules loaded ok.
Bye
Bgs
Jan Engelhardt wrote:
On Thursday 2008-04-03 16:40, Bgs wrote:
I have this in the kernel:
CONFIG_NF_CONNTRACK_ENABLED=y
CONFIG_NF_CONNTRACK=y
That is not enough, you need the others too, CONFIG_NF_CONNTRACK_IPV4
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
