On Saturday 2011-05-07 14:46, Lutz Jaenicke wrote:
>If the protocol module has already been loaded (find_proto()
>is successful) but has not yet been activated for this command
>(proto_used is not yet set), we have to activate the protocol
>specific match for this command.
>Without the modification iptables-restore will fail if an
>implicitly loaded protocol match is used for the second time.
> ...
> -A somechain -p udp --dport 500 -j ACCEPT
> -A somechain -p udp --dport 4500 -j ACCEPT
> ...
>will fail for the "4500" line with '--dport' being an unknown option.

It was here previously:
http://www.spinics.net/lists/netfilter-devel/msg17530.html
But it was not picked up.. [maintenance needs to be reevaluated I suppose]