On Tue, Mar 26, 2002 at 01:59:36AM -0600, Kelly Scroggins wrote: > I don't know if it's related, but When I run this > rule I get the error below : > > [prompt]# /sbin/iptables -I FORWARD 2 -i eth0 -o eth2 -m state \ > > --state ESTABLISHED,RELATED -j ACCEPT > iptables: No chain/target/match by that name
either iptable_filter, ip_conntrack, ipt_state kernel module or one of the following userspace plugins is missing: libipt_standard, libipt_state. > I've search the Internet over and I've not found > an answer (that I can understand). > > I saw some threads that refered to the > ip_conntrack, and I do have that under the > /proc/net directory. > > I saw a statement in a thread about loading the > ip_state module. I tried that but I don't have > it. Does this matter? Yes. How do you want to match on 'state' without having a 'state' module? Most likely your kernel configuration is missing some netfilter-related modules. > How do I check my kernel config file to see if it > was compiled? just answer all netfilter questions with 'M', it won't hurt you. > Is the ip_conntrack the same as the ip_state > module? no. > Thanks, > kelly -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
