This bug is in regards to the iptables/firewall section of the Gentoo Security Guide. In the firewall script in both the "Incoming Traffic" and the "Catch portscanners" section the syntax is used as follows:

    --limit 1/second OR --limit 5/minute

Using iptables v1.2.9 this does not work. The syntax seems to have changed to:

    --limit 1/sec OR --limit 5/min

The following also works:

    --limit 1/s OR --limit 5/m

All instances where --limit is used should be changed (or noted not to work with newer versions of iptables).
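An added example, not code from the bug report or from the Gentoo guide: a small Python model of how the `-m limit --limit` rate argument is interpreted, used to check that the spellings quoted above (`1/second`, `1/sec`, `1/s`) denote the same rate. The prefix-matching rule for unit names is an assumption taken from the libxt_limit parser of later iptables releases, not something verified against iptables 1.2.9.

```python
"""Model of the iptables --limit rate syntax (added example, not iptables code).

Assumption: a unit is accepted if it is a case-insensitive prefix of
"second", "minute", "hour" or "day", as in later libxt_limit releases.
"""
from fractions import Fraction

# seconds per unit; any non-empty prefix of the unit name is accepted
_UNITS = {"second": 1, "minute": 60, "hour": 3600, "day": 86400}


def parse_limit_rate(rate: str) -> Fraction:
    """Return the average rate as packets per second.

    Accepts "N" (seconds by default) or "N/unit", where unit is a
    non-empty prefix of second, minute, hour or day (sec, min, s, m, ...).
    Raises ValueError for anything else, mirroring an iptables parse error.
    """
    count, sep, unit = rate.partition("/")
    if not count.isdigit() or int(count) == 0:
        raise ValueError(f"bad --limit count in {rate!r}")
    if sep and not unit:
        raise ValueError(f"missing unit after '/' in {rate!r}")
    seconds = 1
    if unit:
        matches = [name for name in _UNITS if name.startswith(unit.lower())]
        if len(matches) != 1:
            raise ValueError(f"unknown --limit unit {unit!r} in {rate!r}")
        seconds = _UNITS[matches[0]]
    return Fraction(int(count), seconds)


def equivalent_spellings(*rates: str) -> bool:
    """True when every spelling parses to the same packets-per-second rate."""
    return len({parse_limit_rate(r) for r in rates}) == 1


if __name__ == "__main__":
    # the three spellings from the report, for both rates used in the guide
    for group in (("1/second", "1/sec", "1/s"), ("5/minute", "5/min", "5/m")):
        verdict = "consistent" if equivalent_spellings(*group) else "DIFFER"
        print(group, "->", parse_limit_rate(group[0]), "pkt/s", verdict)
```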
I'll hold this one until I'm sure this is a permanent change. The iptables documentation still mentions "second", "minute", etc. http://www.iptables.org/documentation/HOWTO/packet-filtering-HOWTO.txt
The man page still lists "/second" (in full). The mailing lists don't talk about any change regarding this. If iptables indeed fails recognising this at the moment, then this is a bug in iptables that will be fixed in a new version. However, I believe that there is no issue here. Can you tell me a bit more about the error you receive when you run iptables with the full time?
Well I just tried it again and after a recent format (playing around with encryption) the problem has gone away. It really did do that though, I believe I was talking to solar or someone in #gentoo-hardened and as soon as I changed it to "sec" from "second" it worked. However now "second" works, so I don't know what happened. I guess the bug can be closed as a freak incident :)
Blame solar *cough* :-)