From: Josh Grebe <[EMAIL PROTECTED]> Subject: Re: 2.4 kernels and max # of rules with iptables Date: Wed, 17 Aug 2005 13:53:38 -0500
> I guess that would help... > > kmalloc failed, size of kreplsize is 939608 Yes, when running 32-bit programs on a 64-bit kernel, there will be a hard limit of how many ipt_replace entries can be loaded because we have to copy the user's rule set into a kernel copy and therefore we have to allocate kmalloc() memory to hold that. You _could_ experiment with making the code there use vmalloc()/vfree() instead, and if you get it working cleanly I'd be happy to add such a patch to fix this. - To unsubscribe from this list: send the line "unsubscribe sparclinux" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
