From: Husnu Demir <hdemir@metu.edu.tr>
To: Patrick McHardy <kaber@trash.net>
Cc: Netfilter Developer Mailing List <netfilter-devel@vger.kernel.org>
Subject: Re: -m state is not working.
Date: Tue, 10 Feb 2009 09:07:23 +0200 [thread overview]
Message-ID: <499127AB.2050702@metu.edu.tr> (raw)
In-Reply-To: <4990638A.1090208@trash.net>
[-- Attachment #1: Type: text/plain, Size: 1678 bytes --]
Yes,
I forgat to add that support :) But xt_state should not be seen if
nf_conntrack_ipv4 is not selected on the kernel config. It is useless without
nf_conntrack_ipv4 support.
Thanks.
hdemir.
Patrick McHardy wrote:
> Husnu Demir wrote:
>> Hi,
>>
>> I recently compiled new kernel and tried the following;
>>
>> # iptables -I FORWARD -p tcp -m state --state NEW -j ACCEPT
>> iptables: Invalid argument
>>
>>
>> # uname -a
>> Linux ng-test 2.6.28.3 #4 SMP Thu Feb 5 08:37:37 EST 2009 x86_64
>> GNU/Linux
>>
>> # lsmod
>> Module Size Used by
>> xt_state 4608 0
>> nf_conntrack 64424 1 xt_state
>> iptable_filter 5440 0
>> ip_tables 19408 1 iptable_filter
>> x_tables 23432 2 xt_state,ip_tables
>> ipv6 251328 22
>> sr_mod 17540 0
>> e1000e 111728 0
>> ..
>> ..
>>
>> # modinfo xt_state
>> filename: /lib/modules/2.6.28.3/kernel/net/netfilter/xt_state.ko
>> license: GPL
>> author: Rusty Russell <rusty@rustcorp.com.au>
>> description: ip[6]_tables connection tracking state match module
>> alias: ipt_state
>> alias: ip6t_state
>> vermagic: 2.6.28.3 SMP mod_unload modversions
>> depends: x_tables,nf_conntrack
>>
>> # iptables -V
>> iptables v1.4.2
>>
>>
>> Did I forget to add anything? How can I see what is happing?
>
> I'm guessing you forgot nf_conntrack_ipv4.
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe
> netfilter-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
[-- Attachment #2: hdemir.vcf --]
[-- Type: text/x-vcard, Size: 164 bytes --]
begin:vcard
fn:Husnu Demir
n:Demir;Husnu
email;internet:hdemir@metu.edu.tr
tel;work:+903122103330
tel;fax:+903122103303
x-mozilla-html:FALSE
version:2.1
end:vcard
next prev parent reply other threads:[~2009-02-10 7:07 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-02-05 14:46 -m state is not working Husnu Demir
2009-02-09 17:10 ` Patrick McHardy
2009-02-10 7:07 ` Husnu Demir [this message]
2009-02-10 9:06 ` Christoph Paasch
2009-02-10 9:15 ` Jan Engelhardt
2009-02-10 11:48 ` Christoph Paasch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=499127AB.2050702@metu.edu.tr \
--to=hdemir@metu.edu.tr \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.