Bug 185294

Summary: iptables missing connrate module
Product: [Fedora] Fedora Reporter: João Mauricio de O. Alves <jmauricio>
Component: kernelAssignee: Dave Jones <davej>
Status: CLOSED UPSTREAM QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 4CC: pfrields, wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-17 22:28:30 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description João Mauricio de O. Alves 2006-03-13 12:53:36 UTC 
Description of problem:
The iptables package does not have the connrate module
(/lib/iptables/libipt_connrate.so)

Version-Release number of selected component (if applicable):
iptables-1.3.0-2

How reproducible:
Always


Steps to Reproduce:
iptables -A INPUT -p tcp --dport 4567 -m connrate --connrate ! 0:30720 -j DROP
  
Actual results:
iptables v1.3.0: Couldn't load match
`connrate':/lib/iptables/libipt_connrate.so: cannot open shared object file: No
such file or directory

Try `iptables -h' or 'iptables --help' for more information.


Expected results:
The rule should be accepted

Additional info:
The release iptables-1.3.5-1.2 has the same problem
Comment 1 Thomas Woerner 2006-03-15 09:51:30 UTC 
connlimit is not enabled in the kernel and is not available in glibc-kernheaders.

Assigning to kernel.

Please reassign to glibc-kernheaders and iptbales after it made it into the kernel.
Comment 2 Dave Jones 2006-03-17 22:28:30 UTC 
This will happen a lot faster if you ask the upstream developers to push this to
the next upstream kernel release.