On Sunday 2008-12-07 13:20, Florian Weimer wrote:
>>
>> The kernel blob never changed, because xt_connlimit was first
>> introduced into the kernel in version 2.6.23. *ipt*_connlimit (from
>> patch-o-matic) never found its way into the mainline kernel.
>> So this is not an upstream bug.
>
>I'm not sure what you're trying to say. Do you think that etch's
>iptables works with connlimit in the etchnhalf kernel? It doesn't.
>When I encountered this bug, I wasn't using any self-compiled
>software.

I am saying that iff your kernel is an unmodified vanilla one [does not
matter who compiled it] and your iptables is also vanilla, that is, if
they have _not_ been modified by the distribution, you get a working
combination.

I am further implying that yes, iptables-1.3.6 from Debian is
incompatible with _any_ kernel >= 2.6.23 when you try to use connlimit.

Debian happened to patch in ipt_connlimit into their iptables 1.3.6 and
kernel 2.6.18. And they (logically) did not do so for 2.6.24, because
xt_connlimit is included since then.