Problem with ip_recent iptable on CSF firewall
When i try to add value 150 on portflood section of csf,i get following error:
iptables: Unknown error 18446744073709551615
PORTFLOOD tcp opt -- in !lo out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:80 state NEW recent: UPDATE seconds: 5 hit_count: 150 name: 80 side: source
Error: iptables command [/sbin/iptables -v -A INPUT -i ! lo -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 5 --hitcount 150 --name 80 -j PORTFLOOD] failed, at line 996
I posted this on official csf forum and support said how is limitation with ip_recent where highest value for hit_count is 20,and how i need to modify and recompile ip_recent.But i was not able find anything about either modify or recompiling that module.I have cent os 5.4 64 bit,iptables are installed over yum.Also i have 4 servers with completely identical configuration,yet on two servers portflood works while on other two it reporting that error.Maybe it was different install cd which caused this,but again i dont know why this doesnt work since iptables version are indetical.
|