thr3ads.net - netfilter buglog - [Bug 469] New: recent match doesn't triger with --hitcount

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon@bugzilla.netfilter.org

2006-Apr-11 17:30 UTC

[Bug 469] New: recent match doesn't triger with --hitcount > 20

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=469

           Summary: recent match doesn't triger with --hitcount > 20
           Product: netfilter/iptables
           Version: linux-2.6.x
          Platform: i386
        OS/Version: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ip_tables (kernel)
        AssignedTo: laforge@netfilter.org
        ReportedBy: tm@del.bg


iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW \
    -m recent --update --seconds 1800 --hitcount 20 -j DROP
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set

If --hitcount is anything above 20 recent doesn't work anymore. This is with
2.6.14.6-grsec and I'm going to test with 2.6.16.3-grsec soon.

-- 
Configure bugmail:
https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Possibly Parallel Threads

Search for more reasonably related threads

netfilter buglog - Apr 2006 - [Bug 469] New: recent match doesn't triger with --hitcount > 20

[Bug 469] New: recent match doesn't triger with --hitcount > 20

Possibly Parallel Threads

Wisdom of the Ancients