Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --- a/ipblock 2010-10-23 07:54:30.000000000 +0100
- +++ b/ipblock 2012-11-02 17:08:57.568379144 +0000
- @@ -43,7 +43,7 @@
- BLOCK_TARGET_MARK=0xffff
- NICE=-5
- -NEW="-m state --state NEW"
- +NEW="-m conntrack --ctstate NEW"
- GUI_LOG_FILE="/tmp/ipblockUI.log"
- --- a/iplist.8 2010-10-23 07:54:30.000000000 +0100
- +++ b/iplist.8 2012-11-02 17:11:08.961306777 +0000
- @@ -146,9 +146,9 @@
- would block in- and outcoming packets that attempt to establish
- a new conncection.
- -#> iptables -I INPUT -p tcp -m state --state NEW --dport 6991:6999 -j NFQUEUE
- +#> iptables -I INPUT -p tcp -m conntrack --ctstate NEW --dport 6991:6999 -j NFQUEUE
- .br
- -#> iptables -I OUTPUT -p tcp -m state --state NEW --sport 6991:6999 -j NFQUEUE
- +#> iptables -I OUTPUT -p tcp -m conntrack --ctstate NEW --sport 6991:6999 -j NFQUEUE
- Then iplist can be started like this
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement