[Firehol-support] Re: Integrating ipt_recent with FireHOL
Carlos Rodrigues
carlos.efr at mail.telepac.pt
Sat Dec 10 20:52:15 GMT 2005
Costa Tsaousis wrote:
> Now, about the recent match, you should know that:
>
> 1. kernel versions prior to 2.6.13 may have issues. Check these:
> http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=2587
> http://blog.blackdown.de/2005/05/09/fixing-the-ipt_recent-netfilter-module/
>
> 2. There are a few limitations you should be aware of. For example, only
> the last 100 hosts are checked.
> Check this:
> http://archives.free.net.ph/message/20051104.100305.7181ab94.en.html#netfilter
Just to give an update on this...
It seems that the "ipt_recent" module isn't trustworthy as it stands now
(even if some are not seeing the "long uptime" problem on newer
kernels). The netfilter team is looking for a mantainter, and if one
isn't found it will be marked EXPERIMENTAL or BROKEN on 2.6.16.
Carlos Rodrigues
More information about the Firehol-support
mailing list