
iptables connlimit problem

Posted: 2006/10/04 22:22:15
by jmsykim
I installed CentOS 4.4 (2.4.9-42.EL) and set up iptables.

However, I ran into a problem with the following:

# iptables -A INPUT -p tcp --dport 80 -m connlimit --connlimit-above 10 -j DROP
The error:
iptables: No chain/target/match by that name

Is there anything wrong? I don't think anything is wrong in the command.

And if I execute:
# iptables -m connlimit -h
connlimit v1.2.11 options:
[!] --connlimit-above n match if the number of existing tcp connections is (not) above n
--connlimit-mask n group hosts using mask

That means connlimit is available on the system.

Can anybody help me, please?

Re: iptables connlimit problem

Posted: 2010/01/05 02:15:25
by gmin1004

CentOS can't support the iptables connlimit module.

If you want to use the connlimit module, you have to upgrade the kernel to >= 2.6.29.

And you have to choose some features in menuconfig...
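
The symptom in this thread (`iptables -m connlimit -h` prints help, yet adding the rule fails with "No chain/target/match by that name") arises because the help text comes from the userspace extension while the rule needs the kernel-side match. The shell sketch below is an added example, not part of either post; it assumes the kernel option is named `CONFIG_NETFILTER_XT_MATCH_CONNLIMIT` and that registered matches are listed one per line in `/proc/net/ip_tables_matches`, and the function names and verdict words are made up here.

```shell
#!/bin/sh
# Added diagnostic sketch: separates "iptables userspace knows connlimit"
# from "the running kernel can actually match on it".
# Usage (as root): sh check.sh "/boot/config-$(uname -r)" /proc/net/ip_tables_matches

# connlimit_in_config FILE -> prints y (built in), m (module) or n (absent).
connlimit_in_config() {
    # Accept plain or gzip-compressed config files (e.g. /proc/config.gz).
    case "$1" in
        *.gz) reader="gzip -dc" ;;
        *)    reader="cat" ;;
    esac
    val=$($reader "$1" 2>/dev/null |
        sed -n 's/^CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=\([ym]\)$/\1/p' |
        head -n 1)
    echo "${val:-n}"
}

# connlimit_registered FILE -> succeeds if the kernel has registered the match.
connlimit_registered() {
    grep -qx 'connlimit' "$1" 2>/dev/null
}

# diagnose CONFIG_FILE MATCHES_FILE -> prints a one-word verdict.
diagnose() {
    if connlimit_registered "$2"; then
        echo "usable"                 # a connlimit rule should load
        return 0
    fi
    case "$(connlimit_in_config "$1")" in
        y) echo "builtin" ;;            # compiled in; ip_tables not initialised yet
        m) echo "module-not-loaded" ;;  # built as a module but not loaded
        *) echo "not-built" ;;          # kernel lacks the match: rebuild or upgrade
    esac
}

# Run against real files only when both paths are given on the command line.
if [ "$#" -eq 2 ]; then
    diagnose "$1" "$2"
fi
```

A verdict of `not-built` corresponds to the case the reply describes, where the match has to be enabled in the kernel configuration.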