I required the module connlimit to limit the number of connections on one of our Debian firewall boxes. After a while of try and error i found out that the iptables version shipped with debian 1.3.6 doesn’t support the new module format used in 2.6.23+ kernels. So i looked for a backported version of iptables which i did not find 🙁 So i thought i would try and install iptables from source. First download the latest iptables version from Netfilter.
Unpack the tarball
tar -xjvf iptables-1.4.2.tar.bz2
./configure --prefix=/usr libdir=/lib bindir=/sbin mandir=/usr/share/man
if you just use ./configure then everything will be installed to /usr/local
make and install iptables
make prefix=/usr libdir=/lib bindir=/sbin mandir=/usr/share/man install
I don’t know why but a few binaries landed in /usr/sbin instead of /sbin so i copied them to the desired location
After that you can check your new iptables version
The only problem i encountered is apps which need iptables as dependency beacuse aptitude will try and install the old version of iptables again as a dependency. Either you install those apps from source as well. Or you can install two versions of iptables one under /usr/local and one under /sbin which can be confusing.