Yes, I forgat to add that support :) But xt_state should not be seen if nf_conntrack_ipv4 is not selected on the kernel config. It is useless without nf_conntrack_ipv4 support. Thanks. hdemir. Patrick McHardy wrote: > Husnu Demir wrote: >> Hi, >> >> I recently compiled new kernel and tried the following; >> >> # iptables -I FORWARD -p tcp -m state --state NEW -j ACCEPT >> iptables: Invalid argument >> >> >> # uname -a >> Linux ng-test 2.6.28.3 #4 SMP Thu Feb 5 08:37:37 EST 2009 x86_64 >> GNU/Linux >> >> # lsmod >> Module Size Used by >> xt_state 4608 0 >> nf_conntrack 64424 1 xt_state >> iptable_filter 5440 0 >> ip_tables 19408 1 iptable_filter >> x_tables 23432 2 xt_state,ip_tables >> ipv6 251328 22 >> sr_mod 17540 0 >> e1000e 111728 0 >> .. >> .. >> >> # modinfo xt_state >> filename: /lib/modules/2.6.28.3/kernel/net/netfilter/xt_state.ko >> license: GPL >> author: Rusty Russell <rusty@xxxxxxxxxxxxxxx> >> description: ip[6]_tables connection tracking state match module >> alias: ipt_state >> alias: ip6t_state >> vermagic: 2.6.28.3 SMP mod_unload modversions >> depends: x_tables,nf_conntrack >> >> # iptables -V >> iptables v1.4.2 >> >> >> Did I forget to add anything? How can I see what is happing? > > I'm guessing you forgot nf_conntrack_ipv4. > > > -- > To unsubscribe from this list: send the line "unsubscribe > netfilter-devel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html
begin:vcard fn:Husnu Demir n:Demir;Husnu email;internet:hdemir@xxxxxxxxxxx tel;work:+903122103330 tel;fax:+903122103303 x-mozilla-html:FALSE version:2.1 end:vcard
