I restarted the server without options for modules. When ai run the line below, show this messagem in dmesg
/sbin/iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set nf_conntrack version 0.5.0 (4894 buckets, 19576 max) [13952201.603690] CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use [13952201.603699] nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or [13952201.603706] sysctl net.netfilter.nf_conntrack_acct=1 to enable it. The options ever was configured. When I run this one, show this. /sbin/iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 30 -j DROP iptables: Invalid argument. Run `dmesg' for more information. in dmesg nothing is showed more. I added this line in /etc/sysctl.conf net.netfilter.nf_conntrack_acct = 1 no sucess yet. Samuel Rios Carvalho On Wed, Mar 6, 2013 at 2:47 PM, green <[email protected]> wrote: > Samuel Rios Carvalho wrote at 2013-03-06 10:58 -0600: > > I found that hitcount by default is 20. I need at least 30. > > > > I add this line in /etc/modprobe.d/options (i created this file) > > > > options ipt_recent ipt_pkt_list_tot=30 > > > > So, I restart server and I run those two lines of iptables, but in dmesg > > show this error and the module doesn´t load. > > > > xt_recent: Unknown parameter `ipt_pkt_list_tot' > > You should not need to use any special module parameters. Just > specify all parameters in your iptables rule according to the `recent` > module documentation in the iptables manual. >
