From: Rudi Starcevic <tech@wildcash.com>
To: netfilter@lists.netfilter.org
Subject: Odd -m state Error Msg
Date: Mon, 12 Mar 2007 14:11:17 +0800 [thread overview]
Message-ID: <45F4EF05.3060202@wildcash.com> (raw)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I've just built a new 2.6.20.1 kernel and am seeing
this error from my standard firewall script:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables: Invalid argument
I've checked and checked and just not sure why my INPUT
state command is now not happy ???
Any ideas what I've done wrong with this new kernel?
Any advise much appreciated .. thanks ...
/usr/src/linux# grep -i netfilter .config
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set
CONFIG_BRIDGE_NETFILTER=y
# Core Netfilter Configuration
# CONFIG_NETFILTER_NETLINK is not set
CONFIG_NETFILTER_XTABLES=m
# CONFIG_NETFILTER_XT_TARGET_CLASSIFY is not set
# CONFIG_NETFILTER_XT_TARGET_MARK is not set
# CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set
# CONFIG_NETFILTER_XT_TARGET_NFLOG is not set
# CONFIG_NETFILTER_XT_MATCH_COMMENT is not set
# CONFIG_NETFILTER_XT_MATCH_CONNBYTES is not set
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
# CONFIG_NETFILTER_XT_MATCH_DCCP is not set
# CONFIG_NETFILTER_XT_MATCH_DSCP is not set
# CONFIG_NETFILTER_XT_MATCH_ESP is not set
# CONFIG_NETFILTER_XT_MATCH_HELPER is not set
# CONFIG_NETFILTER_XT_MATCH_LENGTH is not set
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
# CONFIG_NETFILTER_XT_MATCH_MAC is not set
# CONFIG_NETFILTER_XT_MATCH_MARK is not set
# CONFIG_NETFILTER_XT_MATCH_POLICY is not set
# CONFIG_NETFILTER_XT_MATCH_MULTIPORT is not set
# CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set
# CONFIG_NETFILTER_XT_MATCH_PKTTYPE is not set
# CONFIG_NETFILTER_XT_MATCH_QUOTA is not set
# CONFIG_NETFILTER_XT_MATCH_REALM is not set
# CONFIG_NETFILTER_XT_MATCH_SCTP is not set
CONFIG_NETFILTER_XT_MATCH_STATE=m
# CONFIG_NETFILTER_XT_MATCH_STATISTIC is not set
# CONFIG_NETFILTER_XT_MATCH_STRING is not set
# CONFIG_NETFILTER_XT_MATCH_TCPMSS is not set
# CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set
# IP: Netfilter Configuration
# IPv6: Netfilter Configuration (EXPERIMENTAL)
# DECnet: Netfilter Configuration
# Bridge: Netfilter Configuration
- --
Thank you.
Regards,
Rudi.
- -- Wildcash.com Support
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF9O8FgOUisCetzRYRAgZ4AJkBf7Kxs7b0OAeeV2qHY/Y4ArHXpACfV+2S
xjEh4Xq8PRD/a2LyuQDrwlY=
=16xX
-----END PGP SIGNATURE-----
next reply other threads:[~2007-03-12 6:11 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-03-12 6:11 Rudi Starcevic [this message]
2007-03-12 6:36 ` Odd -m state Error Msg Graham Murray
2007-03-12 6:46 ` Rudi Starcevic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=45F4EF05.3060202@wildcash.com \
--to=tech@wildcash.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.