ip6tables -m state (match state) not working...
Jay Cliburn
jacliburn at bellsouth.net
Mon Oct 9 01:36:34 UTC 2006
Michael H. Warfield wrote:
> On Sun, 2006-10-08 at 13:32 -0500, Jay Cliburn wrote:
>> Michael H. Warfield wrote:
>>> Hey all,
>>>
>>> I've found that the IPv6 state matching is non-functional in FC6.
>
>> Oh, and by the way, ip6tables state matching is nonfunctional, period; not just
>> in Fedora. The Netfilter team hasn't yet implemented state matching in ip6tables.
>
> Strange that it accepts the -m state option to ip6tables then. There
> is certainly an libip6t_state.so in /lib/iptables. If it hasn't been
> implemented, then what's in that friggen library?
I retract my earlier assertion that state matching is nonfunctional.
[root at osprey iptables]# strings /lib64/iptables/libip6t_state.so | grep state
--state
You must specify `--state'
Bad state `%s'
state
state v%s options:
[!] --state [INVALID|ESTABLISHED|NEW|RELATED|UNTRACKED][,...]
state
Now to find out why it doesn't work in rawhide...
More information about the test
mailing list