--- a/ipblock 2010-10-23 07:54:30.000000000 +0100
+++ b/ipblock 2012-11-02 17:08:57.568379144 +0000
@@ -43,7 +43,7 @@
BLOCK_TARGET_MARK=0xffff
NICE=-5
-NEW="-m state --state NEW"
+NEW="-m conntrack --ctstate NEW"
GUI_LOG_FILE="/tmp/ipblockUI.log"
--- a/iplist.8 2010-10-23 07:54:30.000000000 +0100
+++ b/iplist.8 2012-11-02 17:11:08.961306777 +0000
@@ -146,9 +146,9 @@
would block in- and outcoming packets that attempt to establish
a new conncection.
-#> iptables -I INPUT -p tcp -m state --state NEW --dport 6991:6999 -j NFQUEUE
+#> iptables -I INPUT -p tcp -m conntrack --ctstate NEW --dport 6991:6999 -j NFQUEUE
.br
-#> iptables -I OUTPUT -p tcp -m state --state NEW --sport 6991:6999 -j NFQUEUE
+#> iptables -I OUTPUT -p tcp -m conntrack --ctstate NEW --sport 6991:6999 -j NFQUEUE
Then iplist can be started like this