Bug#598513: marked as done (iptables: Iptables not accepting rules for ICMP limit)

Sun, 21 Jul 2013 10:21:43 -0700 

Your message dated Sun, 21 Jul 2013 13:19:49 -0400
with message-id 
<CA+0KVf0WN9eCs5R30aJp4UCRBs4ZrAuqJCPiS=gh-j5ouq+...@mail.gmail.com>
and subject line iptables: Iptables not accepting rules for ICMP limit
has caused the Debian Bug report #598513,
regarding iptables: Iptables not accepting rules for ICMP limit
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
598513: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598513
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: iptables
Version: 1.4.8-3
Severity: normal


Hi all,

the rule limiting the number of ICMP packets is not working.
Here a part of the "iptables -L" :

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            limit: avg 2/sec 
burst 5

It is the first rule in the chain.
According to the description, this rule should allow ICMP packets e.g. ICMP 
echo request to localhost, if the rate
is below 2p/s. Otherwise the default DROP policy should be applied to the 
packets.
This does not work, the rate of the ping request/reply is much higher, then 2/s.


-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages iptables depends on:
ii  libc6                         2.11.2-6   Embedded GNU C Library: Shared lib
ii  libnfnetlink0                 1.0.0-1    Netfilter netlink library

iptables recommends no packages.

iptables suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message --- 
Sorry, but I don't believe this is an iptables bug. Try the Debian or
Netfilter mailing lists for support.

--- End Message ---

Reply via email to