From: "Omar Garcia" <omar.garcia@fractalia.biz>
To: netfilter@lists.netfilter.org
Subject: Re: Connlimit problem
Date: Wed, 26 Jan 2005 16:59:02 +0100 [thread overview]
Message-ID: <008801c503bf$f49109f0$910010ac@coco> (raw)
In-Reply-To: 25214.142.169.215.10.1106754134.squirrel@142.169.215.10
Hi all!!
Thanks.!!
Now I know that the module isn´t compiled. (cat /proc/net/......)
I had patched kernel source with POMng but for any reason the connlimit
patch didn´t apply. I am recompiling a new kernel and patched it from zero.
Thanks, I`ll post my advances.
Regards.
----- Original Message -----
From: "Samuel Jean" <sj-netfilter@cookinglinux.org>
To: "Omar Garcia" <omar.garcia@fractalia.biz>
Cc: <netfilter@lists.netfilter.org>
Sent: Wednesday, January 26, 2005 4:42 PM
Subject: Re: Connlimit problem
> On Wed, January 26, 2005 9:26 am, Omar Garcia said:
> > Hi list,
>
> Hi Omar!
>
> > [...]
> > If i tried in two steps, i confirm that the module connlimit is
installed:
> >
> > BridgeWall:/home/omar# iptables -A PREROUTING -t mangle -m connlimit
> > iptables v1.2.11: You must specify `--connlimit-above'
> > Try `iptables -h' or 'iptables --help' for more information.
>
> This doesn't confirm that it is. This only tests the iptables 'module'
> which I will call, an extension library.
>
> >
> >
> > BridgeWall:/home/omar# iptables -A PREROUTING -t mangle -m connlimit
> > --connlimit-above 12 -j DROP
> > iptables: No chain/target/match by that name
>
> This means the kernel module (called ipt_connlimit) is not loadable or
> compiled at all.
>
> > Any idea????
>
> Yes, patch your kernel or enable this module.
>
> If unsure:
>
> lsmod | grep ipt_connlimit
>
> No result? Then 'modprobe ipt_connlimit'
>
> It works ? Then make sure it properly registered against netfilter:
>
> cat /proc/net/ip_tables_matches | grep connlimit
>
> >
> > Thanks in advange.
> >
> > Regards
> >
>
> HTH,
>
> Samuel
>
>
next prev parent reply other threads:[~2005-01-26 15:59 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-26 14:26 Connlimit problem Omar Garcia
[not found] ` <41F7AFBE.8080509@arcoscom.com>
2005-01-26 15:04 ` Omar Garcia
2005-01-26 16:00 ` Samuel Jean
2005-01-26 15:42 ` Samuel Jean
2005-01-26 15:59 ` Omar Garcia [this message]
-- strict thread matches above, loose matches on Subject: below --
2011-09-09 8:02 connlimit problem Jean-Philippe Menil
2011-09-09 8:55 ` Pandu Poluan
2011-09-09 9:07 ` Jan Engelhardt
2011-09-09 9:12 ` Jozsef Kadlecsik
2011-09-09 9:21 ` Jean-Philippe Menil
2011-09-09 9:22 ` Jozsef Kadlecsik
2011-09-09 9:25 ` Jean-Philippe Menil
2011-09-09 9:33 ` Jozsef Kadlecsik
2004-07-14 9:37 Robert Czechonski
2004-07-14 10:00 ` Antony Stone
2004-07-14 10:02 ` Sven Schuster
2004-03-29 14:02 kamil kapturkiewicz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='008801c503bf$f49109f0$910010ac@coco' \
--to=omar.garcia@fractalia.biz \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.