First off, wow, thank you for the speedy response! I am pretty confident that the kernel we're running supports this feature. Here's why:
$ uname -a
Linux ip-172-18-45-20 4.15.0-1025-aws #25-Ubuntu SMP Wed Oct 10 14:23:49 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Subsequently I found the patch in the kernel tree which I think introduces support for the feature I'm after:
https://github.com/torvalds/linux/commit/34ce324019e76f6d93768d68343a0e78f464d754#diff-b0b059e2ea29367b52cec84db46f33a3R11

If I read the list of tags on that page correctly, this has been part of kernels released since 3.14, which is quite a while ago now. In particular, I see that the kernel I'm running is in that list too. Although for absolute transparency I'm using the Ubuntu released on AWS EC2 instances, but I'm guessing this shouldn't make any difference.

Thank you again.

$ apt-cache policy linux-image-4.15.0-1025-aws
linux-image-4.15.0-1025-aws:
  Installed: 4.15.0-1025.25
  Candidate: 4.15.0-1025.25
  Version table:
 *** 4.15.0-1025.25 500
        500 http://us-west-2.ec2.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        100 /var/lib/dpkg/status

$ apt-cache policy linux-base
linux-base:
  Installed: 4.5ubuntu1
  Candidate: 4.5ubuntu1
  Version table:
 *** 4.5ubuntu1 500
        500 http://us-west-2.ec2.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
        100 /var/lib/dpkg/status

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1805543

Title:
  Packaged version of iptables doesn't provide --random-fully flag.
