search for: libipt_connlimit

...g with the general iptables help info: <SNIP> connlimit v1.2.11 options: [!] --connlimit-above n match if the number of existing tcp connections is (not) above n --connlimit-mask n group hosts using mask </SNIP> The library seems to exist also: /lib/iptables/libipt_connlimit.so However, creating a rule that uses connlimit fails: # iptables -A INPUT -p tcp -m connlimit --connlimit-above 2 --dport \ smtp -j REJECT iptables: No chain/target/match by that name # So, am I missing something simple? Or am I limited to using netfilter's patch-o-matic and compiling a...

...occurs unknown error: 4294967295 The whole line is for instance: iptables -A FORWARD -p tcp --dport 0:65535 --syn -m connlimit --connlimit- above 50 --connlimit-mask 32 -j REJECT --reject-with tcp-reset. installing the 1.3.4 version gives nothing - after compilling and installing back 1.3.5 the libipt_connlimit.so file is present in the /usr/local/lib/iptables/ directory, but system doesn't work properly. Still generating "iptables: Unknown error 4294967295" -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because:...

...m connlimit --help ......... connlimit v1.3.5 options: [!] --connlimit-above n match if the number of existing tcp connections is (not) above n --connlimit-mask n group hosts using mask ----------------------------------------- The library seems to exist also: /lib64/iptables/libipt_connlimit.so However, creating a rule that uses connlimit fails: #$IPTABLES -A tcp_traffic_in -p tcp --dport 80 -m connlimit --connlimit-above 2 -j DROP iptables: Unknown error 4294967295 So, am I missing something? Or am I limited to using netfilter's patch-o-matic and compiling a custom kernel (that...

hi, i try use iptables connlimit, # iptables -I INPUT -p tcp --dport 80 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j DROP iptables: Unknown error 4294967295 where is problem ? thanks # rpm -qa | grep iptables iptables-1.3.5-4.el5 # uname -a Linux test 2.6.18-92.1.1.el5 #1 SMP Sat Jun 21 19:04:27 EDT 2008 i686 i686 i386 GNU/Linux

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is