Netfilter hashlimit match not working in 2.6.36.2?

		LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Netfilter hashlimit match not working in 2.6.36.2?

Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

12-10-2010, 04:21 PM	#1
Third of Five LQ Newbie Registered: Dec 2010 Posts: 2 Rep:	Netfilter hashlimit match not working in 2.6.36.2? I have a firewall/router box that runs Slackware. Upgraded the Kernel because of CVE-2010-3081. This broke all of my iptables rules that use hashlimit. Here's one of those rules: iptables -A INPUT -i eth1 -p tcp --syn --dport 22 -m hashlimit --hashlimit 15/hour --hashlimit-burst 3 --hashlimit-htable-expire 600000 --hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT As you can see, all I'm trying to do is limit the number if incoming ssh connections to prevent my logs from being cluttered up with brute force attempts. This rule worked just fine on 2.6.30 but no longer works on 2.6.36.2. I get this error message: iptables: No chain/target/match by that name I found this site, which is old, but suggests that the problem is a missing module called xt_tcpudp. This does not seem to be a standalone module for me though. I enabled EVERY Netfilter option while compiling my kernel and have tried it as modules and built right into the kernel. No dice. Anyone else run into this? I have the feeling that I'm missing something really simple here but can't figure it out for the life for me.

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
[SOLVED] Match datetime by the minute (not an exact match by the second) [mysql]	hattori.hanzo	Programming	1	10-21-2010 05:43 PM
Netfilter Help	rajaashok	Linux - Kernel	1	11-22-2007 12:41 AM
grep/sed/awk - find match, then match on next line	gctaylor1	Programming	3	07-11-2007 08:55 AM
Netfilter and 2.6.16.2	krizzz	Slackware	8	04-13-2006 10:17 PM
netfilter query	cranium2004	Linux - Networking	1	11-21-2004 12:51 PM

All times are GMT -5. The time now is 07:49 AM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions