>What is 'ngh'? Negative? It is the sound a mong makes when he realises he made a stupid mistake. >Where did you read it's built into the iptables *binary*? Which binary? Why are >you sure it's truly built into the binary on your machine? All I did to resolve my problem was run the iprange patch from patch-o-matic to put it into my kernel, recompile the kernel and reboot. Patch-o-matic didn't touch iptables 1.2.9 that I already had installed. IIRC (and I probably don't), I had to compile patch-o-matic's netfilter with the iprange patch and use that instead of the 'normal' iptables 1.2.8 source. I just forgot that there were two parts to getting iprange working: 1. iptables has to recognise it, 2. the kernel also must be compiled with it. With the 1.2.9 changelog saying iprange was built into it, in my excitement I forgot about part two. -- .
