This is actually a bug with relation to fwbuilder too. Fwbuilder is a feature
rich GUI for making firewall changes, and it contains the GUI elements needed to
add time restraints to firewall rules. When time restraints are added, the
scripts fail due to the mis-compiled iptables.

Time based rules are a basic feature for any complex firewall. Very often times
rules allow a firewall to open for a once-a-day file transfer, and to have a
constantly open port would be a security hazard. This is a good way to limit the
expose of known-weak ports.

I am surprised that this has not been fixed in FC6 since I assume that the
problem is simply an incorrect compile flag. 

The time module is not enabled in the kernel and the header file is therefore
not part of kernel-headers.

Please assign to kernel for inclusion there and then to kernel-headers.

A simple rebuild iptables will then enable it there, too.

There is no config option available for MATCH_TIME. Apparently there have been
some patches floating around but they were never merged into the kernel. How did
that option get into our netfilter package and its manpage?

(Anyone who wants to open and close ports at certain times can do it easily with
a cron job.)

Hello,

I'm reviewing this bug as part of the kernel bug triage project, an attempt to
isolate current bugs in the Fedora kernel.

http://fedoraproject.org/wiki/KernelBugTriage

I am CC'ing myself to this bug, however this version of Fedora is no longer
maintained.

Please attempt to reproduce this bug with a current version of Fedora (presently
Fedora 8). If the bug no longer exists, please close the bug or I'll do so in a
few days if there is no further information lodged.

Thanks for using Fedora!

Closing per previous comment.  If you can provide the requested information,
please feel free to re-open this bug.