I''m using the following rule on 3 different systems running shorewall-4.5.18 on Gentoo: ACCEPT all all icmp - - - 10/sec:20 shorewall starts fine on 2 of the systems but on the 3rd it fails to start with the following error: iptables-restore: line 119 failed ERROR: iptables-restore Failed. Input is in /var/lib/shorewall/.iptables-restore-input /usr/share/shorewall/lib.common: line 113: 5485 Terminated $SHOREWALL_SHELL $script $options $@ shorewall starts fine if I remove the rate limit. Can anyone tell me what is wrong? I''ve tried 4.5.19 as well. - Grant ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
Hi, Grant wrote:> I''m using the following rule on 3 different systems running > shorewall-4.5.18 on Gentoo: > > ACCEPT all all icmp - - - 10/sec:20 > > shorewall starts fine on 2 of the systems but on the 3rd it fails to > start with the following error: > > [...] > > shorewall starts fine if I remove the rate limit. Can anyone tell me > what is wrong? I''ve tried 4.5.19 as well.Sounds like your kernel configuration on the third system differs. Check CONFIG_NETFILTER_XT_MATCH_LIMIT. -Thomas ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
>> I''m using the following rule on 3 different systems running >> shorewall-4.5.18 on Gentoo: >> >> ACCEPT all all icmp - - - 10/sec:20 >> >> shorewall starts fine on 2 of the systems but on the 3rd it fails to >> start with the following error: >> >> [...] >> >> shorewall starts fine if I remove the rate limit. Can anyone tell me >> what is wrong? I''ve tried 4.5.19 as well. > > Sounds like your kernel configuration on the third system differs. > > Check CONFIG_NETFILTER_XT_MATCH_LIMIT.Bingo. Thanks Thomas. - Grant ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk