Pastebin launched a little side project called HostCabi.net, check it out ;-)Don't like ads? PRO users don't see any ads ;-)
Guest

conntrack_fix.patch

By: Peaceseeker on Nov 2nd, 2012  |  syntax: None  |  size: 0.84 KB  |  hits: 57  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. --- a/ipblock   2010-10-23 07:54:30.000000000 +0100
  2. +++ b/ipblock   2012-11-02 17:08:57.568379144 +0000
  3. @@ -43,7 +43,7 @@
  4.  BLOCK_TARGET_MARK=0xffff
  5.  
  6.  NICE=-5
  7. -NEW="-m state --state NEW"
  8. +NEW="-m conntrack --ctstate NEW"
  9.  
  10.  GUI_LOG_FILE="/tmp/ipblockUI.log"
  11.  
  12. --- a/iplist.8  2010-10-23 07:54:30.000000000 +0100
  13. +++ b/iplist.8  2012-11-02 17:11:08.961306777 +0000
  14. @@ -146,9 +146,9 @@
  15.  would block in- and outcoming packets that attempt to establish
  16.  a new conncection.
  17.  
  18. -#> iptables -I INPUT -p tcp -m state --state NEW --dport 6991:6999 -j NFQUEUE
  19. +#> iptables -I INPUT -p tcp -m conntrack --ctstate NEW --dport 6991:6999 -j NFQUEUE
  20.  .br
  21. -#> iptables -I OUTPUT -p tcp -m state --state NEW --sport 6991:6999 -j NFQUEUE
  22. +#> iptables -I OUTPUT -p tcp -m conntrack --ctstate NEW --sport 6991:6999 -j NFQUEUE
  23.  
  24.  Then iplist can be started like this