This was observed on RHEL3 U2 on a HP RX2600 based machine. When you attempt to use the "limit" module, you get an unresolved symbol error. Here is the way I tried to use limit: -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -m limit --limit 3 The result when starting iptables: [root@singsing sysconfig]# /etc/init.d/iptables restart Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: filter [ OK ] Unloading iptables modules: [ OK ] Applying iptables firewall rules: ip_tables: (C) 2000-2002 Netfilter core team iptables-restore v1.2.8: Couldn't load match `limit':/lib/iptables/libipt_limit.so: undefined symbol: __udivsi3 Error occured at line: 12 Try `iptables-restore -h' or 'iptables-restore --help' for more information. [FAILED] This does not seem to be an issue with RHEL4 0830 on Altix. It also seems to be that if you rebuild the RPM to not use shared libraries, the problem goes away.
Same thing here on an IA64. # cat /etc/redhat-release Red Hat Enterprise Linux AS release 3 (Taroon Update 6) # uname -a Linux rayden.oscer.ou.edu 2.4.21-37.EL #1 SMP Wed Sep 7 13:24:42 EDT 2005 ia64 ia64 ia64 GNU/Linux # iptables -A INPUT -m limit --limit 1/sec -j LOG --log-prefix "DROP: " --log-level 6 iptables v1.2.8: Couldn't load match `limit':/lib/iptables/libipt_limit.so: undefined symbol: __udivsi3 Try `iptables -h' or 'iptables --help' for more information. #
requested by Jams Antill
This request was evaluated by Red Hat Engineering for inclusion in a Red Hat Enterprise Linux maintenance release. Red Hat does not currently plan to provide this change in a Red Hat Enterprise Linux update release for currently deployed products. With the goal of minimizing risk of change for deployed systems, and in response to customer and partner requirements, Red Hat takes a conservative approach when evaluating enhancements for inclusion in maintenance updates for currently deployed products. The primary objectives of update releases are to enable new hardware platform support and to resolve critical defects. However, Red Hat will further review this request for potential inclusion in future major releases of Red Hat Enterprise Linux.