Re: Is connlimit available in etch? Will it be available in future?
Nick Y Kuzminyh a écrit :
Can you please explain me:
* is "connlimit" module available in etch?
The connlimit match support was included in the mainline kernel since
version 2.6.23, so it is not available in the default 2.6.18 kernels
included in Debian etch. However it is available in the newer
2.6.24-etchnhalf kernel which was added to the latest release of Debian
etch, 4.0r4. For more details about "etch-and-half", see
You could have searched in the package base at
In the keyword field type "connlimit", select "packages that contain
files whose names contain the keyword" and distribution "stable".
Note that the kernel module is named xt_connlimit, not ipt_connlimit.
Anyway you should not need to load the module explicitly. The prefix xt_
means that it supports both IPv4 (iptables) and IPv6 (ip6tables).
However the iptables version 1.3.6 included in etch does not support yet
the IPv6 connlimit match. It requires iptables 1.4.0 at least (lenny
will provide 1.4.1), and the shared library will be named
libxt_connlimit.so (you should not need to care about it either). If you
don't use connlimit with ip6tables you don't need to worry about it.