#245 iptables v1.4.16.3: state --> conntrack

open
nobody
None
5
2014-01-01
2012-12-11
gen2thomas
No

WARNING: The state match is obsolete. Use conntrack instead.

OLD:
$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

NEW:
$IPTABLES -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Discussion

  • Velandil

    Velandil - 2013-04-05

    Every script created with Firewall Builder produces the following output for quite a few lines:

    WARNING: The state match is obsolete. Use conntrack instead.

     
  • C Falconer

    C Falconer - 2014-01-01

    Concur - its a PITA but this sed command fixes the wrong output inline

    s/ -m state --state / -m conntrack --ctstate /g
    

    So I added a "policy install script" that changes the installed policy then loads it. Dirty hack!

    This happens under iptables v1.4.16.2 on FC18 for me

     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks