Hello!
I need iptables for IPv6 being capable of ruling out traffic with connlimit, which works perfectly with IPv4 btw.
But when I try to add some rule to ip6tables with connlimit I get this:
Code:
root@x-shells:~# ip6tables -A OUTPUT -o sit1 -m owner -m connlimit --connlimit-above 1 --dport 6667 -j drop_output
ip6tables v1.3.8: Couldn't load match `connlimit':/usr/lib/iptables/libip6t_connlimit.so: cannot open shared object file: No such file or directory
When I do a slocate for ip6t I get this list:
Code:
root@x-shells:~# slocate libip6t
/usr/lib/iptables/libip6t_HL.so
/usr/lib/iptables/libip6t_ah.so
/usr/lib/iptables/libip6t_ipv6header.so
/usr/lib/iptables/libip6t_hl.so
/usr/lib/iptables/libip6t_mh.so
/usr/lib/iptables/libip6t_rt.so
/usr/lib/iptables/libip6t_LOG.so
/usr/lib/iptables/libip6t_MARK.so
/usr/lib/iptables/libip6t_limit.so
/usr/lib/iptables/libip6t_length.so
/usr/lib/iptables/libip6t_sctp.so
/usr/lib/iptables/libip6t_TCPMSS.so
/usr/lib/iptables/libip6t_connmark.so
/usr/lib/iptables/libip6t_policy.so
/usr/lib/iptables/libip6t_REJECT.so
/usr/lib/iptables/libip6t_multiport.so
/usr/lib/iptables/libip6t_mark.so
/usr/lib/iptables/libip6t_NFQUEUE.so
/usr/lib/iptables/libip6t_frag.so
/usr/lib/iptables/libip6t_NFLOG.so
/usr/lib/iptables/libip6t_physdev.so
/usr/lib/iptables/libip6t_icmp6.so
/usr/lib/iptables/libip6t_standard.so
/usr/lib/iptables/libip6t_esp.so
/usr/lib/iptables/libip6t_mac.so
/usr/lib/iptables/libip6t_eui64.so
/usr/lib/iptables/libip6t_tcp.so
/usr/lib/iptables/libip6t_udp.so
/usr/lib/iptables/libip6t_hashlimit.so
/usr/lib/iptables/libip6t_state.so
/usr/lib/iptables/libip6t_CONNMARK.so
/usr/lib/iptables/libip6t_owner.so
So there sure isn't any libip6t_connlimit.so, but there is a libip6t_limit.so, what is this? Can I use this as well to similar write that kind of rules?