
Re: problem with recent module

I restarted the server without options for modules.

When I run the line below, this message is shown in dmesg:

/sbin/iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set

nf_conntrack version 0.5.0 (4894 buckets, 19576 max)
[13952201.603690] CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use
[13952201.603699] nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or
[13952201.603706] sysctl net.netfilter.nf_conntrack_acct=1 to enable it.

The options ever was configured.

When I run this one, it shows this:

/sbin/iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60  --hitcount 30 -j DROP

iptables: Invalid argument. Run `dmesg' for more information.

Nothing more is shown in dmesg.

I added this line in /etc/sysctl.conf:

net.netfilter.nf_conntrack_acct = 1

No success yet.

Samuel Rios Carvalho

On Wed, Mar 6, 2013 at 2:47 PM, green <greenfreedom10@gmail.com> wrote:
Samuel Rios Carvalho wrote at 2013-03-06 10:58 -0600:
> I found that hitcount by default is 20. I need at least 30.
> I added this line in /etc/modprobe.d/options (I created this file):
> options ipt_recent ipt_pkt_list_tot=30
> So, I restarted the server and ran those two iptables lines, but dmesg
> shows this error and the module doesn't load.
> xt_recent: Unknown parameter `ipt_pkt_list_tot'

You should not need to use any special module parameters.  Just
specify all parameters in your iptables rule according to the `recent`
module documentation in the iptables manual.
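
A pre-flight check for the situation in this thread, as an added example that is not part of the original messages: it compares a rule's `--hitcount` with the `ip_pkt_list_tot` parameter of the loaded `xt_recent` module before the rule is handed to iptables. The function names are hypothetical, the fallback of 20 is the default reported in the thread, and treating a value of 0 as "no limit" is an assumption.

```shell
#!/bin/sh
# Added example, not from the thread. Compares a rule's --hitcount with the
# xt_recent ip_pkt_list_tot module parameter before the rule is loaded.

# sysfs file where a loaded xt_recent module exposes the parameter
# (usually readable by root only).
PARAM=/sys/module/xt_recent/parameters/ip_pkt_list_tot

# Print the limit in effect. Falls back to 20, the default reported in the
# thread, when the module is not loaded or the file cannot be read.
recent_limit() {
    if [ -r "$PARAM" ]; then cat "$PARAM"; else echo 20; fi
}

# Print the number following --hitcount in a rule string; fail if there is none.
rule_hitcount() {
    set -f            # no glob expansion while word-splitting the rule
    set -- $1
    set +f
    while [ $# -gt 1 ]; do
        if [ "$1" = "--hitcount" ]; then echo "$2"; return 0; fi
        shift
    done
    return 1
}

# check_rule RULE [LIMIT]
# Returns 0 when the rule has no --hitcount or is within the limit,
# 1 when --hitcount exceeds the limit, 2 when the value is not a number.
check_rule() {
    hc=$(rule_hitcount "$1") || return 0
    case $hc in ''|*[!0-9]*) echo "bad hitcount: $hc" >&2; return 2 ;; esac
    limit=${2:-$(recent_limit)}
    # Assumption: a limit of 0 means no module-side cap is configured.
    [ "$limit" -eq 0 ] && return 0
    if [ "$hc" -gt "$limit" ]; then
        echo "hitcount $hc exceeds ip_pkt_list_tot=$limit" >&2
        return 1
    fi
    return 0
}
```

Source the file and call `check_rule` with the rule text as one quoted argument; the optional second argument overrides the limit read from sysfs.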
