On Sunday 2008-12-07 13:49, Florian Weimer wrote: > >It just confused me a bit because I was specifically reporting a bug in >a Debian-modified iptables/kernel combiniation.
Right. In your specific case, the only thing you can do is upgrade to a newer iptables from either upstream or Debian. Because once you patch iptables with your proposal, you break connlimit for all users running the 2.6.18 etch kernel. So the sanest solution is to backport xt_connlimit into 2.6.18 and update iptables for etch... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]