> What those entries suggest to me is that there are two > copies of iptables code on the box. You're correct: (v1.2.3) - /lib/iptables - /sbin (v1.2.8 - the correct one) - /usr/local/lib/iptables - /usr/local/sbin/iptables > If there is a second copy of iptables it could take some time > and care to sort out which files are which.... but it can be done. OK, everything now works as it should. What I did was: rm -rf /lib/iptables rm -f /sbin/ip*tables* mv /usr/local/lib/iptables /lib mv /usr/local/sbin/ip*tables* /sbin ln -s /lib/iptables /usr/local/lib/iptables However, every time an iptables command is executed, the program looks for libraries in /usr/local/lib/iptables (which is now symlinked to /lib/iptables) - is there a way to force iptables to load its modules directly from /lib/iptables? Michal Kepien
