Description of problem: The iptables package does not have the connrate module (/lib/iptables/libipt_connrate.so) Version-Release number of selected component (if applicable): iptables-1.3.0-2 How reproducible: Always Steps to Reproduce: iptables -A INPUT -p tcp --dport 4567 -m connrate --connrate ! 0:30720 -j DROP Actual results: iptables v1.3.0: Couldn't load match `connrate':/lib/iptables/libipt_connrate.so: cannot open shared object file: No such file or directory Try `iptables -h' or 'iptables --help' for more information. Expected results: The rule should be accepted Additional info: The release iptables-1.3.5-1.2 has the same problem
connlimit is not enabled in the kernel and is not available in glibc-kernheaders. Assigning to kernel. Please reassign to glibc-kernheaders and iptbales after it made it into the kernel.
This will happen a lot faster if you ask the upstream developers to push this to the next upstream kernel release.