[CentOS] centos 5.5: iptables: module recent
Mário Barbosa
mario.barbosa at log.pt
Thu Jan 27 15:32:57 UTC 2011
Hi,
Helmut Drodofsky wrote:
> When I add the line interactive, the result is
>
> [root at host sysconfig]# iptables -A INPUT -m state --state NEW -m recent
> --update --seconds 60 --hitcount 1000 -p tcp --dport 25 -j LOG
> --log-prefix "FW DROP IP Flood: "
>
> iptables: Unknown error 18446744073709551615
IIRC, you may be hitting a hard limit on the --hitcount value. I was
bitten by something similar a few months ago and ended up reducing both
the --hitcount and the --seconds value to achieve roughly the same "math".
HTH,
Mario
More information about the CentOS
mailing list