Re: Is connlimit available in etch? Will it be available in future?
On 2008-10-17 Nick Y Kuzminyh wrote:
> Friday, October 17, 2008, 3:02:58 PM, you wrote:
>> connlimit is part of the Linux kernel, i.e. whether you have it or not
>> depends on your kernel version and which options are compiled into it,
>> not on the distribution.
>
> Yes, surely, and the next question is the following:
> When kernel with CONNLIMIT option compiled into it will be available
> in Debian distribution?
No idea. I'm a proponent of "always compile your own kernel" anyway.
> I found similar questions in Debian support forums since 2005 year.
> Is is a difficult thing for Debian developers team to add support of
> connlimit?
Not AFAICS. But that's a question you should ask to the maintainer of
the respective kernel package.
>> zgrep CONNLIMIT /proc/config.gz
>
> This command returned nothing. Obviously, kernel 2.6.18-6-amd64
> doesn't support connlimit.
Then you have to compile your own kernel if you want connlimit.
>> Did you actually load the module?
>> modprobe libipt-connlimit
>
> This command returns to me:
> FATAL: Module libipt_connlimit not found.
My bad. This certainly cannot work, see my other mail.
> Is there any way to get "connlimit" support with no trouble of
> compiling my own version of Debian kernel?
No. If the option isn't part of the distribution kernel, you have to
compile your own kernel to enable it.
Regards
Ansgar Wiechers
--
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html
Reply to: