I required the module connlimit to limit the number of connections on one of our Debian firewall boxes. After a while of try and error i found out that the iptables version shipped with debian 1.3.6 doesn’t support the new module format used in 2.6.23+ kernels. So i looked for a backported version of iptables which i did not find 🙁 So i thought i would try and install iptables from source. First download the latest iptables version from Netfilter.

Unpack the tarball

tar -xjvf iptables-1.4.2.tar.bz2

Change directory

cd iptables-1.4.2

configure iptables

./configure --prefix=/usr libdir=/lib bindir=/sbin mandir=/usr/share/man

if you just use ./configure then everything will be installed to /usr/local

make and install iptables

make prefix=/usr libdir=/lib bindir=/sbin mandir=/usr/share/man install

I don’t know why but a few binaries landed in /usr/sbin instead of /sbin so i copied them to the desired location

After that you can check your new iptables version

iptables -v

The only problem i encountered is apps which need iptables as dependency beacuse aptitude will try and install the old version of iptables again as a dependency. Either you install those apps from source as well. Or you can install two versions of iptables one under /usr/local and one under /sbin which can be confusing.