Hello, Paulo Andre a écrit :
How would I go about getting ctstate installed on my system, currently running iptables 1.3.8.
All you need is a kernel with the 'conntrack' match enabled (CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y|m on recent kernels or CONFIG_IP_NF_MATCH_CONNTRACK on older ones). Support for the 'conntrack' match has been included in the kernel since version 2.4.20 and in iptables since version 1.2.7a.
Apparently I need this to get multiple isp links working correctly on a FW. Packets entering interface eth2/eth3 all still leaving eth1, default GW.
Can you elaborate ? - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
