Since mailman is blocking me here is reply again... On Sun, Nov 24, 2002 at 07:45:38PM -0500, Joel Newkirk wrote: > > $ iptables -A ssh -j ULOG -p tcp -m state --state NEW > > > > reports: > > > > iptables v1.2.6a: You must specify `--state' > > Try `iptables -h' or 'iptables --help' for more information. > > > > but using DROP works fine: > > > > $ iptables -A ssh -j DROP -p tcp -m state --state NEW > > Does the ULOG target work in other uses, IE "iptables -A FORWARD -j ULOG" ? Nope, it gives same error: $ iptables -A FORWARD -j ULOG -p tcp -m state --state NEW iptables v1.2.6a: You must specify `--state' with INPUT and OUTPUT, also same thing. I'm not doing anything special (like NAT, conntrack, ftp, ...), just plain INPUT filtering. -- @
