Bug 207961

Summary: net-firewall/iptables-1.3.8-r2 fails to recognize the connlimit extension enabled in the kernel
Product: Gentoo Linux Reporter: Nicky <nixclusive0>
Component: Current packages
Assignee: Peter Volkov (RETIRED) <pva>
Status: RESOLVED DUPLICATE
Severity: normal
CC: base-system
Priority: High
Version: unspecified
Hardware: x86
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: the kernel configuration
emerge log while emerging iptables
the tarball of the directory /var/db/pkg/net-firewall/iptables-1.3.8-r2 if that helps

Description Nicky 2008-01-28 20:50:21 UTC
I have the "connlimit" extension enabled as a module (CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m) in my kernel, however when emerging iptables (even with the "extensions" USE flag) the compile script fails to recognize the "connlimit" extension and thus does not build the relevant iptables module.

Reproducible: Always

Steps to Reproduce:
1. set CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m in the kernel .config
2. issue make && make modules_install and boot the new kernel, or issue make prepare
3. USE="extensions" emerge iptables

Actual Results:
issuing iptables -A INPUT -p tcp -m connlimit --connlimit-above 1 -j DROP results in the following error message:
iptables v1.3.8: Couldn't load match `connlimit':/lib/iptables/libipt_connlimit.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.

Expected Results:
the connlimit module should have been built according to the kernel config.

Portage 2.1.3.19 (hardened/x86/2.6, gcc-3.4.6, glibc-2.6.1-r0, 2.6.23-hardened-r4 i686)
=================================================================
System uname: 2.6.23-hardened-r4 i686 Pentium III (Coppermine)
Timestamp of tree: Fri, 25 Jan 2008 18:00:06 +0000
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p17-r1
dev-lang/python:     2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.10-r5
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.4_p6, 1.6.3, 1.7.9-r1, 1.9.6-r2, 1.10
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-mtune=i686 -O2 -pipe -fforce-addr -march=pentium3 -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-mtune=i686 -O2 -pipe -fforce-addr -march=pentium3 -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="ccache distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://adelie.polymtl.ca/ http://ftp.jaist.ac.jp/pub/Linux/Gentoo/ ftp://ftp.ecc.u-tokyo.ac.jp/GENTOO"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X bash-completion berkdb cracklib crypt dri hal hardened midi mmx nptl nptlonly pam pic readline sdl sse ssl tcpd unicode urandom x86 xorg zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="i810"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
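The failure above is a kernel/userspace mismatch: the kernel option is set, but the iptables match library that the `-m connlimit` rule needs was never built. The following diagnostic is added here as an example and is not part of the bug report; it assumes a kernel .config path and an iptables library directory are passed in, and that the match library is named libipt_connlimit.so (as in the error message) or libxt_connlimit.so (the xtables naming used by later iptables releases).

```shell
#!/bin/sh
# Added diagnostic (not from the bug report): compare the kernel's connlimit
# setting against the iptables userspace match library that must accompany it.

# kconfig_state FILE OPTION -> prints y, m, or n (n = absent or "is not set")
kconfig_state() {
    cfg="$1"; opt="$2"
    val=$(grep -E "^${opt}=" "$cfg" | head -n1 | cut -d= -f2)
    case "$val" in
        y|m) printf '%s\n' "$val" ;;
        *)   printf 'n\n' ;;
    esac
}

# userspace_has_match LIBDIR NAME -> success if libipt_NAME.so or libxt_NAME.so exists
userspace_has_match() {
    dir="$1"; name="$2"
    [ -e "$dir/libipt_$name.so" ] || [ -e "$dir/libxt_$name.so" ]
}

# connlimit_status CONFIG LIBDIR -> prints one of:
#   ok              kernel option y/m and userspace library present
#   kernel-only     kernel option set but userspace library missing (this bug)
#   userspace-only  library present but kernel option unset (rule loads, then fails)
#   missing         neither side present
connlimit_status() {
    k=$(kconfig_state "$1" CONFIG_NETFILTER_XT_MATCH_CONNLIMIT)
    if userspace_has_match "$2" connlimit; then u=1; else u=0; fi
    case "$k$u" in
        y1|m1) echo ok ;;
        y0|m0) echo kernel-only ;;
        n1)    echo userspace-only ;;
        *)     echo missing ;;
    esac
}

# Constructed sample (not the reporter's real .config) for a stand-alone run.
demo() {
    tmp=$(mktemp -d)
    printf 'CONFIG_NETFILTER=y\nCONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m\n' > "$tmp/config"
    mkdir "$tmp/lib"
    connlimit_status "$tmp/config" "$tmp/lib"   # prints kernel-only
    : > "$tmp/lib/libipt_connlimit.so"
    connlimit_status "$tmp/config" "$tmp/lib"   # prints ok
    rm -rf "$tmp"
}
demo
```

On a real host, point it at /usr/src/linux/.config (or a decompressed /proc/config.gz) and /lib/iptables to see which side of the pairing is missing before adding connlimit rules.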
Comment 1 Nicky 2008-01-28 20:50:48 UTC
Created attachment 142049 [details]
the kernel configuration
Comment 2 Nicky 2008-01-28 20:51:38 UTC
Created attachment 142051 [details]
emerge log while emerging iptables
Comment 3 Nicky 2008-01-28 20:53:50 UTC
Created attachment 142053 [details]
the tarball of the directory /var/db/pkg/net-firewall/iptables-1.3.8-r2 if that helps
Comment 4 Jakub Moc (RETIRED) gentoo-dev 2008-01-28 21:04:17 UTC
Please do *not* attach tarballs unless the plaintext attachment size doesn't fit the bugzilla limit.
Comment 5 Peter Volkov (RETIRED) gentoo-dev 2008-01-29 08:27:55 UTC
Thank you for the report, Nicky. That was an upstream decision to remove this connlimit together with other extensions from iptables. While I'm looking for a better solution you are welcome to use patch-o-matic manually.

*** This bug has been marked as a duplicate of bug 206038 ***
Comment 6 Peter Volkov (RETIRED) gentoo-dev 2008-01-29 09:53:03 UTC
BTW, seems that later connlimit was added to iptables:

------------------------------------------------------------------------
r6903 | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net | 2007-07-09 20:50:17 +0400 (Пнд, 09 Июл 2007) | 4 lines

PATCH: Add connlimit to iptables.

Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
------------------------------------------------------------------------

So iptables-1.4.0 has this patch inside.
Comment 7 Nicky 2008-01-29 19:14:57 UTC
Thanks a lot for the prompt action everybody. I'm sorry for the tarball attachments as I was not aware of the stated policies here... I've just finished with iptables/patch-o-matic manually from the source. Thank you for your time and pointing me in the right direction.

Regards,
nix