Hi all,

I've been searching around for the answer to this and I've finally given up trying to solve it on my own. Any hints would be much appreciated.

I'm entering the following command (cut and paste from the command line):

    iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT

which appears in various docs. It looks pretty straightforward, but I get this error:

    iptables: No chain/target/match by that name

If I enter the same command without "-m state --state ESTABLISHED,RELATED" it's accepted, so I figure my problem is there somewhere.

I thought that maybe my kernel (2.6.11.10, ARCH=xen) was compiled without connection tracking, but dmesg includes the following:

    ip_tables: (C) 2000-2002 Netfilter core team
    ip_conntrack version 2.1 (1024 buckets, 8192 max) - 244 bytes per conntrack

Also, if I enter "iptables -m state --help" I get the normal help with this at the end:

    state v1.2.11 options:
     [!] --state [INVALID|ESTABLISHED|NEW|RELATED|UNTRACKED][,...]
                    State(s) to match

so I figure I must have the necessary bits installed.

Any ideas or hints on what I should do next to debug this?

Regards,
Ami.