On Tue, Mar 12, 2002 at 11:15:55AM -0800, Yogini Parkhi wrote:
> HI Jacek,
> Thanks for you help!
> I tried this and this is what iptables says:
>
> root@nmdev:~>iptables -t prestate -f -j NOTRACK
> iptables v1.2.5: no command specified
> Try `iptables -h' or 'iptables --help' for more information.a
Ugh I forgot "-A PREROUTING" :-(
>
> I never saw the prestate table in iptables help anywhere??
From iptables man-page:
NOTRACK
This target extension is built into the prestate table extension.
It can be used to mark packets, so that those are ignored by the
underlying conntrack module and the nat table. In consequence, those
packets are not seen by the conntrack/NAT helpers and the state of
their related packets (if those are not marked by NOTRACK as well) are
INVALID (!) instead of RELATED.
> What should I do to fix this?
try:
iptables -t prestate -A PREROUTING -f -j NOTRACK
I still didn't try if it works, but this command is accepted by iptables.
Greets,
Jacek
