Thanks for the quick response!
Just an FYI: Ubuntu Server 10.10 has iptables 1.4.4, and --reap works. Ubuntu Server 11.10 has iptables 1.4.10, and --reap works. I use both of those distributions for game servers, and want to switch them to CentOS 6.2.
However, the iptables rules I use to protect some of the older q3-protocol Linux servers just flat out won't work with CentOS 6.2. Not having the --reap option breaks retirement in dynamic whitelisting of players.
CentOS 6.2 is newer (12.11) than either of those distributions. It's just frustrating to be using a feature that's been in Ubuntu so long and find out that it's not in the latest release of CentOS.
I even recompiled and installed the latest iptables (1.4.13) from www.netfilter.org. The end result was that iptables no longer barked about the --reap option, but it just didn't work. It wasn't until I did some further digging that I realized that it has to be in the xt_recent kernel module too, and that all I did was make the iptables program not complain about a feature not there.
I guess the only thing to do is to try to rebuild the xt_recent kernel module myself to get --reap? I really would like to use CentOS 6.2 instead of Ubuntu Server, but at this point I just can't.