Re: hallo pleae help me. :)

To: debian-firewall@lists.debian.org
Subject: Re: hallo pleae help me. :)
From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
Date: Sun, 16 Dec 2007 19:27:54 +0100
Message-id: <[🔎] 47656E2A.1060503@plouf.fr.eu.org>
In-reply-to: <[🔎] 5bd2109b0712160201v94033cfo53b41786084af289@mail.gmail.com>
References: <[🔎] 5bd2109b0712160201v94033cfo53b41786084af289@mail.gmail.com>

Hello,

Alexandr Shurigin a écrit :


debian:/lib# iptables -A INPUT -p tcp --syn --dport 3128 -m connlimit !
--connlimit-above 5 -j ACCEPT
iptables: No chain/target/match by that name

debian:/lib# modprobe ipt_connlimit
FATAL: Module ipt_connlimit not found.

[...]

how to install connlimit module ?

debian:/lib# uname -a
Linux debian 2.6.18-5-686 #1 SMP Sat Dec 1 22:58:58 UTC 2007 i686 GNU/Linux

The 'connlimit' match support is not included in the mainline kernelbefore version 2.6.23. For earlier kernel versions, you must patch thesources with the patch-o-matic-ng [1]. Note that the 'connlimit' patchis not included any more in the latest patch-o-matic-ng snapshots andmust be downloaded separately [2]. The patch-o-matic-ng may also requirethe iptables sources [3].


[1] <http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/>

[2] Run "./runme --download" in the patch-o-matic-ng directory beforeapplying the patch by running "./runme connlimit". Then enable theconnlimit match in the kernel config options and rebuild the kernel.

[3] <http://ftp.netfilter.org/pub/iptables/>

Reply to:

References:
- hallo pleae help me. :)
  - From: "Alexandr Shurigin" <alexandr.shurigin@gmail.com>

Prev by Date: hallo pleae help me. :)
Next by Date: Startling Christmas Facts
Previous by thread: hallo pleae help me. :)
Next by thread: Startling Christmas Facts
Index(es):
- Date
- Thread