Micah Anderson <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > Although the original report says, "After 250 days, the jiffies overflow > and ipt_recent do not work anymore" and is for 2.4, I've actually found > that the code included in 2.6.8 (and probably any kernel version that > includes ipt_recent) causes unexpected issues related to the jiffies as > well, other than the 250 days issue. > > If you have rules that block based on ipt_recent you will find that they > will block much too early at odd times. For example, I have a rule that > will DROP ssh connections if there have been more than 6 seen in the > last 60 seconds, but (seemingly) randomly I will get DROPped on the > first connection.
Lets be quite clear, the ip_recent code is in dire need of a rewrite. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
