On Tuesday 2011-04-05 21:41, Andrew Beverley wrote: >On Tue, 2011-04-05 at 19:18 +0530, Supratik Goswami wrote: >> I checked the connbyes support in my Kernel and it shows the following output. >> >> [root@gateway bin]# lsmod |grep connbytes >> xt_connbytes 6465 0 >> x_tables 17349 11 >> xt_connbytes,xt_MARK,xt_multiport,xt_CLASSIFY,xt_length,xt_state,ipt_REDIRECT,ipt_TOS,xt_tcpudp,iptable_nat,ip_tables > >Good, looks like the *kernel* module is loaded. > >> When I am trying to use it with iptables I am getting the following error: >> >> iptables v1.3.5: Couldn't load match >> `connbytes':/lib/iptables/libipt_connbytes.so: cannot open shared >> object file: No such file or directory > >However, looks like your iptables is missing the userspace bit. Not sure >why that would be, but that's a pretty old iptables version - was the >connbytes match available back then? Would be worth trying to upgrade >iptables. Yes it was available. So not only did it ship an outdated copy (even at release time), but also an incomplete one. RHEL just ain't the proper platform to run a firewall on. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html