>How did you do that? I have iptables v1.2.5 on a 2.4.17 >and is not working for me. I did not see the "--string" >option on iptables man page.
>This is the error I get: >Try `iptables -h' or 'iptables --help' for more information. >iptables v1.2.5: Couldn't load match >`string':/usr/local/lib/iptables/libipt_string.so: cannot open >shared object file: No such file or directory >My compile did not generate a "libipt_string.so". I must have >missed something somewhere. Iptables has an odd compile method: almost all of it consists of kernel patches, which are applied on a "do you want this?" basis by the Patch- O-Matic system. Various make options (e.g. make pending, make most-of- pom) select sets of patches to apply, and the strings target is in one of them. Something strange is currently going on. Some patches are not being offered (the new NAT suite) which contains among other things, H323 connection tracking. I manually loaded this set but couldn't get it to patch (1.2.5 on 2.4.16), and a web search suggests there's something wrong with these patches and recent kernels. I'm not sure if the strings target patch is in this group. If it isn't, then you should find it among the full set of patches. -- [EMAIL PROTECTED]
