From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 5537C1382C5 for ; Thu, 24 Dec 2020 09:52:10 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A8D99E0C4A; Thu, 24 Dec 2020 09:52:05 +0000 (UTC) Received: from smarthost01b.mail.zen.net.uk (smarthost01b.mail.zen.net.uk [212.23.1.3]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 452A2E0C33 for ; Thu, 24 Dec 2020 09:52:05 +0000 (UTC) Received: from [82.30.216.240] (helo=peak.localnet) by smarthost01b.mail.zen.net.uk with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1ksNHv-0004fT-M0 for gentoo-user@lists.gentoo.org; Thu, 24 Dec 2020 09:52:03 +0000 From: Peter Humphrey To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] Shorewall config again Date: Thu, 24 Dec 2020 09:52:03 +0000 Message-ID: <1784187.tdWV9SEqCh@peak> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Originating-smarthost01b-IP: [82.30.216.240] Feedback-ID: 82.30.216.240 X-Archives-Salt: d48fe363-7a15-4a4d-be7a-ee6623c35951 X-Archives-Hash: ddfb1017054a64e6a7237afbb910a505 Greetings, I asked about this a long time ago, but I can't find the answer. # shorewall check Checking using Shorewall 5.2.8... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... ERROR: Per-ip log rate limiting requires Hashlimit Match in your kernel and iptables /usr/share/shorewall/helpers (EOF) But: # grep -i hashlimit /usr/src/linux/.config CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m Someone did point me to the answer at the time. All I remember is that it was hidden somewhere obscure in the kernel config. -- Regards, Peter.