Page 1 of 1

iptables connlimit on CentOS 5 with 2.6.32-042 kernel?

Posted: 2017/03/06 10:04:22
by postcd
How it is possible to make iptables connlimit working on an outdated CentOS 5.9 64bit running on kernel 2.6.32-042 (OpenVZ)? (without doing anything with kernel)

Kernel modules are loaded on the host server already

$ lsmod|grep connl
xt_connlimit 3254 3
nf_conntrack 80313 14

and connlimit working on Centos6, not on Centos5 (showing: [Error: iptables: Unknown error 18446744073709551615] - Required for CONNLIMIT feature)

Installed Packages: iptables.x86_64 1.3.5-9.2.el5_8

My aim is to limit number of connections an IP can do on post 80

Found this and this and unsure if it can be anyhow solution for me.

Re: iptables connlimit on CentOS 5 with 2.6.32-042 kernel?

Posted: 2017/03/06 10:19:38
by TrevorH
That is an openvz kernel and parameters to its modules are controlled by the host. You need to contact your hoster to fix this.

Also, CentOS 5 now has less than 4 weeks of life left - you need to be getting off CentOS 5 and onto a supported version ASAP. All security updates stop for CentOS 5 on March 31st.