It works fine with the -m state. But just for information, in my version of iptables v1.2.7-20020525 I don't have the error message you mention. I just have the out of memory error.
Thanks, Jean Bel -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jozsef Kadlecsik Sent: mardi 28 mai 2002 12:56 To: Jean Bel Cc: [EMAIL PROTECTED] Subject: RE: Bug: iptables -A INPUT -p TCP --state NEW ! --syn -j DROP On Tue, 28 May 2002, Jean Bel wrote: > I don't think so because it is the only iptables command which causes > this error and it takes a few times before sending this error message > even if it's the first iptables I launch. I think there is an infinite > loop which take all the memory. Did you try this command ? # iptables -A INPUT -p TCP --state NEW ! --syn -j DROP iptables v1.2.7: Unknown arg `--state' Try `iptables -h' or 'iptables --help' for more information. The command should be iptables -A INPUT -p TCP -m state --state NEW ! --syn -j DROP Regards, Jozsef - E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] WWW-Home: http://www.kfki.hu/~kadlec Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
