Mark Morgan Lloyd wrote: > > Jurij Smakov wrote: > > > > On Sat, Feb 10, 2007 at 10:03:29PM +0000, Mark Morgan Lloyd wrote: > > > Is iptables rate limiting still broken with sparc64? Certainly appears > > > to be with Sarge... has anybody ever found a working solution? > > > > Can you post a test case which would allow to reproduce the problem? > > Is there a bug filed for it? Unfortunately, the chances that it's > > going to be fixed for sarge (and for etch, for that matter), are > > pretty slim. > > According to > http://lists.netfilter.org/pipermail/netfilter-devel/2003-November/ > 013031.html it's #218837 which I see is marked "wontfix". Definitely still > broken with a system installed from 3.1r3 CD (plus online upgrades), > canonical solution is to rebuild the package locally but I've seen people > querying the effectiveness of that.
The iptables source includes a special hack so that rebuilding on the target system (i.e. 64-bit kernel, 32-bit userland) fixes the -m limit problem; as far as I can tell this works OK. As a secondary known issue the byte and packet counters might be still be broken but I don't see that as being so important. I appreciate that it's too late to fix anything in Etch and that it won't be backported to Sarge, but basically there need to be distinct debs: one for the 32-bit kernel and one for 64-bit. -- Mark Morgan Lloyd markMLl .AT. telemetry.co .DOT. uk [Opinions above are the author's, not those of his employers or colleagues] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
