Hi Pablo, To fix that the add_cmp_ptr() function should be called after add_bitwise_* in add_addr() function. But this change make the output wrong, see below: # iptables-compat -A INPUT -p tcp -s 192.168.0.0/24 --dport 22 -m conntrack --ctstate NEW -j ACCEPT # iptables-compat -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ctstate NEW I'm going to investigate more in depth. Regards -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
