iptables connlimit problem

Posts: 4
Joined: 2006/10/04 22:09:01

Post by jmsykim » 2006/10/04 22:22:15

I installed CentOS 4.4 (2.4.9-42.EL) and set up iptables.

However, I got a problem with the following:

# iptables -A INPUT -p tcp --dport 80 -m connlimit --connlimit-above 10 -j DROP
The error:
iptables: No chain/target/match by that name

Is there anything wrong? I think there is nothing wrong in the command.

And if I execute:
# iptables -m connlimit -h
connlimit v1.2.11 options:
[!] --connlimit-above n match if the number of existing tcp connections is (not) above n
--connlimit-mask n group hosts using mask

It means connlimit is available in the system.

Can anybody help me, please?

Posts: 1
Joined: 2010/01/05 02:12:07

Re: iptables connlimit problem

Post by gmin1004 » 2010/01/05 02:15:25


CentOS can't support iptables connlimit modules.

If you wanna use the connlimit module, you have to upgrade the kernel to >= 2.6.29

And you have to choose some feature in menuconfig...

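The symptom in this thread (the connlimit help text prints, yet adding the rule fails with "No chain/target/match by that name") can be checked from the kernel side, since the help text comes from the iptables userspace extension only. The script below is an added example, not from either poster; the function names and the default paths /proc/net/ip_tables_matches and /boot/config-$(uname -r) are assumptions about a typical install.

```shell
#!/bin/sh
# Added example: tell "iptables userspace knows connlimit" apart from
# "the running kernel can actually match on it".

# Return 0 if a kernel config file enables a connlimit match, either
# built in (=y) or as a module (=m). The option prefix differs between
# kernel trees, so only the MATCH_CONNLIMIT suffix is checked.
connlimit_in_config() {
    grep -Eq '^CONFIG_[A-Z_]*MATCH_CONNLIMIT=[ym]$' "$1" 2>/dev/null
}

# Return 0 if connlimit is among the matches currently registered with
# the kernel (the proc file lists one match name per line).
connlimit_registered() {
    grep -qx 'connlimit' "$1" 2>/dev/null
}

# Print one verdict for a (matches file, kernel config file) pair:
#   registered  - the kernel match is loaded, the rule should be accepted
#   loadable    - enabled in the kernel config but not loaded yet
#   unsupported - the kernel has no connlimit match; only the userspace
#                 extension exists, which is the case in this thread
connlimit_status() {
    if connlimit_registered "$1"; then
        echo registered
    elif connlimit_in_config "$2"; then
        echo loadable
    else
        echo unsupported
    fi
}

# Stand-alone run: check the live system, or the two files given as
# arguments. Unreadable or missing files count as "not found".
connlimit_status "${1:-/proc/net/ip_tables_matches}" \
                 "${2:-/boot/config-$(uname -r)}"
```

Reading /proc/net/ip_tables_matches may require root. A result of "unsupported" means the rule from the first post cannot be added on that kernel, whatever the iptables help output shows.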