[CentOS] CentOS 5.0 64bit - can't use ipt_connlimit module

Ocon 8866

ocon8866 at gmail.com
Thu Jan 24 12:02:53 UTC 2008


# iptables -m connlimit --help

.........
connlimit v1.3.5 options:
[!] --connlimit-above n         match if the number of existing tcp connections is (not) above n
 --connlimit-mask n             group hosts using mask
-----------------------------------------

The library seems to exist also:
/lib64/iptables/libipt_connlimit.so

However, creating a rule that uses connlimit fails:
# $IPTABLES -A tcp_traffic_in -p tcp --dport 80 -m connlimit --connlimit-above 2 -j DROP
iptables: Unknown error 4294967295

So, am I missing something? Or am I limited to using netfilter's
patch-o-matic and compiling a custom kernel (that I *really* do not want
to do)?

Thank you so much

Hoang Phong
Viet Nam