Bug 208014 - libipt_dstlimit missing from iptables package
libipt_dstlimit missing from iptables package
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: glibc-kernheaders (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: David Woodhouse
Brian Brock
: FutureFeature
Depends On:
Blocks: 218848
  Show dependency treegraph
Reported: 2006-09-25 16:41 EDT by Terry Jones
Modified: 2007-11-16 20:14 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-12-08 09:30:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Terry Jones 2006-09-25 16:41:36 EDT
Description of problem:
Error when trying to insert iptables rule with -m dstlimit flag. Reports
libipt_dstlimit.so missing

Version-Release number of selected component (if applicable):

How reproducible:
Every time

Steps to Reproduce:
1. load iptables
2. try to add rule with -m dstlimit 
Actual results:
Error message:
iptables v1.2.11: Couldn't load match
`dstlimit':/lib/iptables/libipt_dstlimit.so: cannot open shared object file: No
such file or directory

Expected results:
Rule to load - no error

Additional info:
Comment 1 Thomas Woerner 2006-09-26 06:05:17 EDT
There is no dstlimit netfilter kernel module in the current RHEL-4 kernel and
ipt_dstlimit.h in not part of glibc-kernheaders.

Please apply to kernel and glibc-kernheaders for inclusion of dstlimit, then
reapply to iptables. 
BTW: dstlimit is not part of the standard iptables build.
Comment 2 Terry Jones 2006-09-26 12:08:05 EDT
Request moved to glibc-kernheaders.

Can we get the dstlimit included in iptables? 
Comment 3 David Woodhouse 2006-12-07 14:18:18 EST
Not a lot of point in that unless we add the feature to our kernel.
Comment 4 Linda Wang 2006-12-07 15:42:03 EST
There are actually two requests here:
dstlimit support in kernel, and to have glibc-kernheader headerfile for
inclusion in U6.  This bug is to track the kernel header file inclusion.
So clone this RFE for dstlimit support in the kernel, and
clone this REF to include libipt_dstlimit into iptables package.
Comment 5 Daniel Riek 2006-12-08 09:16:45 EST
Adding the FutureFeature Keyword.

As this is a feature request we will need a proper business justification to add
it to RHEL4.

At this point the threshhold will be very high, so PM NAKing for now. Will need
to be re-requested.

Comment 6 Daniel Riek 2006-12-08 09:21:58 EST
Additional information:
Upstream the module has been deprecated and replaced by hashlimit. That is in RHEL5
Comment 7 RHEL Product and Program Management 2006-12-08 09:30:54 EST
Product Management has reviewed and declined this request.  You may appeal this
decision by reopening this request. 

Note You need to log in before you can comment on or make changes to this bug.