Hi, On Tue, 1 May 2007 22:38:27 -0400 [EMAIL PROTECTED] wrote:
> The final remaining problem is with the 3 statements scattered > through the rules... > > -A ICMP_IN -p icmp -m state --state NEW -j UNSOLICITED > -A TCP_IN -p tcp -m state --state NEW -m tcp -j UNSOLICITED > -A UDP_IN -p udp -m state --state NEW -j UNSOLICITED Hm, do your other rules use connection state matching? > This works on the main system, with a slightly older kernel. On > the Dell, running 2.6.20-r7, I have a whole bunch of stuff enabled in > the kernel, including... > [...] I'd suggest to enable all netfilter options -- as modules. Then see which of them are being loaded when you restore your rules and then according to that trim down your kernel configuration again. My suspicion would be you're missing connectioin state matching support. -hwh -- [EMAIL PROTECTED] mailing list
