Re: Bug#332381: This problem has broader implications

To: debian-kernel@lists.debian.org
Subject: Re: Bug#332381: This problem has broader implications
From: Horms <horms@verge.net.au>
Date: Wed, 30 Nov 2005 08:05:46 +0000 (UTC)
Message-id: <dmjmgp$nvv$1@sea.gmane.org>
References: <438A0206.30001__16961.6409847096$1133118300$gmane$org@debian.org>

Micah Anderson <micah@debian.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> Although the original report says, "After 250 days, the jiffies overflow
> and ipt_recent do not work anymore" and is for 2.4, I've actually found
> that the code included in 2.6.8 (and probably any kernel version that
> includes ipt_recent) causes unexpected issues related to the jiffies as
> well, other than the 250 days issue.
> 
> If you have rules that block based on ipt_recent you will find that they
> will block much too early at odd times. For example, I have a rule that
> will DROP ssh connections if there have been more than 6 seen in the
> last 60 seconds, but (seemingly) randomly I will get DROPped on the
> first connection.

Lets be quite clear, the ip_recent code is in dire need of a rewrite.

-- 
Horms

Reply to:

Prev by Date: Bug#341393: linux-image-2.6.14-2-686 does not boot on HP Compaq nx8220 Laptop
Next by Date: Bug#341035: kernel-source-2.6.8: [PATCH] CH Products USB yoke and pedals recognized but frozen by SET_IDLE
Previous by thread: Bug#332381: This problem has broader implications
Next by thread: Bug#341014: broken with udev 0.76
Index(es):
- Date
- Thread