Re: bug in iptables-restore and "recent" module

richard lucassen wrote:
> When using the "recent" module and when the hitcount max (defaults to
> 20) is violated, "iptables-restore" is testing the file OK, but fails
> on loading the filter table:
> 
> The file "iptables.save" contains the rule (note: "--hitcount 21"
> exceeds the default max of 20):
> 
> -A INPUT  -m state --state NEW -p tcp --dport 443 -m recent --update
> --name https --seconds 50 --hitcount 21 -j REJECT
> 
> The -t option (test file) shows an OK:
> But:
> 
> # iptables-restore < iptables.save
> iptables-restore: line 180 failed
> 
> On line 180 there is the "COMMIT" of the filter table.

That sounds like expected behaviour. Where's the bug?
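
A pre-load check for the failure described in this thread, as an added example that is not part of the original messages: it scans an iptables-save file for `--hitcount` values above the recent module's limit, which `iptables-restore -t` reports as OK. The function names and sample ruleset are constructed for illustration; the sysfs path assumes the module is loaded as `xt_recent`, and 20 is the default the thread states.

```shell
#!/bin/sh
# Added example; function names and the sample ruleset are constructed.

# Limit to check against: the xt_recent module parameter when readable,
# otherwise 20, the default stated in the thread.
recent_limit() {
    p=/sys/module/xt_recent/parameters/ip_pkt_list_tot
    if [ -r "$p" ]; then cat "$p"; else echo 20; fi
}

# check_hitcount FILE [LIMIT]
# Prints one line per rule whose --hitcount exceeds LIMIT.
# Returns 0 when every rule fits, 1 otherwise.
check_hitcount() {
    file=$1
    limit=${2:-$(recent_limit)}
    # Assumption: a limit of 0 means the module enforces no fixed maximum.
    if [ "$limit" -eq 0 ]; then return 0; fi
    awk -v limit="$limit" -v file="$file" '
        /^-A / {
            for (i = 1; i < NF; i++)
                if ($i == "--hitcount" && $(i + 1) + 0 > limit + 0) {
                    printf "%s:%d: --hitcount %d exceeds limit %d\n", file, NR, $(i + 1), limit
                    bad = 1
                }
        }
        END { exit bad + 0 }
    ' "$file"
}

# Constructed sample: line 3 is the rule from the thread, line 4 is at the limit.
write_sample() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state NEW -p tcp --dport 443 -m recent --update --name https --seconds 50 --hitcount 21 -j REJECT
-A INPUT -m state --state NEW -p tcp --dport 22 -m recent --update --name ssh --seconds 60 --hitcount 20 -j REJECT
COMMIT
EOF
}

# Usage: sh thisfile.sh iptables.save [limit]
if [ $# -ge 1 ]; then check_hitcount "$@"; fi
```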