Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Shorewall config problem
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
A.S. Pushkin
Apprentice
Apprentice


Joined: 09 Nov 2002
Posts: 298
Location: dx/dt, dy/dt, dz/dt, t

PostPosted: Wed Jan 16, 2019 2:48 am    Post subject: Shorewall config problem Reply with quote

When I run #shorewall start I get:
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...

ERROR: Per-ip log rate limiting requires Hashlimit Match in your kernel and iptables /etc/shorewall/shorewall.conf (EOF)

I've tried to put this into my kernel, but no matter what I do the error persists.

I have only iptables installed at this point. What am I mssing or where in the kernle config is this.

My current kernel is 4.14.83-gentoo

Thanks
_________________
ASPushkin

"In a time of universal deceit - telling the truth is a revolutionary act." -- George Orwell
Back to top
View user's profile Send private message
cboldt
l33t
l33t


Joined: 24 Aug 2005
Posts: 829

PostPosted: Wed Jan 16, 2019 10:27 am    Post subject: Reply with quote

In the kernel ....

CONFIG_NETFILTER_XT_MATCH_HASHLIMIT

is at Networking support -> Networking options -> Network packet filtering framework (Netfilter) -> Core Netfilter Configuration

The menu item is ""hashlimit" match support"

There is a significant amount of kernel dependency. On my system, the dependencies work out as
Depends on: NET [=y] && INET [=y] && NETFILTER [=y] && NETFILTER_XTABLES [=m] && (\
IP6_NF_IPTABLES [=n] || IP6_NF_IPTABLES [=n]=n) && NETFILTER_ADVANCED [=y]

An alternative in your case, assuming you don't need or care about the limits enabled with this function (I don't use it, for what it's worth, and my homebrew firewall fends off a few thousand intrusion attempts a day), is to turn off the hashlimit option in shorewall.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum