Hello, I think I found an iptables-save bug. A rule that's *supposed* to be saved as: -A PREROUTING -m conntrack --ctstate UNTRACKED -m comment --comment "Don\'t process untracked" -j ACCEPT Is instead saved as: -A PREROUTING -m conntrack --ctstate -m comment --comment "Don\'t process untracked" -j ACCEPT (i.e., the "UNTRACKED" option is missing) I don't know if the other --ctstate options are also missing. Details: - iptables -v == v1.4.4 - uname -a == "Linux aeacus-4 2.6.32-29-generic-pae #58-Ubuntu SMP Fri Feb 11 19:15:25 UTC 2011 i686 GNU/Linux" Rgds, -- Pandu E Poluan ~ IT Optimizer ~ Visit my Blog: http://pepoluan.posterous.com Google Talk: pepoluan Y! messenger: pepoluan MSN / Live: pepoluan@xxxxxxxxxxx (do not send email here) Skype: pepoluan More on me:ÂÂMy LinkedIn Account My Facebook Account -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
