daily pastebin goal
20%
SHARE
TWEET

conntrack_fix.patch

Peaceseeker Nov 2nd, 2012 62 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. --- a/ipblock   2010-10-23 07:54:30.000000000 +0100
  2. +++ b/ipblock   2012-11-02 17:08:57.568379144 +0000
  3. @@ -43,7 +43,7 @@
  4.  BLOCK_TARGET_MARK=0xffff
  5.  
  6.  NICE=-5
  7. -NEW="-m state --state NEW"
  8. +NEW="-m conntrack --ctstate NEW"
  9.  
  10.  GUI_LOG_FILE="/tmp/ipblockUI.log"
  11.  
  12. --- a/iplist.8  2010-10-23 07:54:30.000000000 +0100
  13. +++ b/iplist.8  2012-11-02 17:11:08.961306777 +0000
  14. @@ -146,9 +146,9 @@
  15.  would block in- and outcoming packets that attempt to establish
  16.  a new conncection.
  17.  
  18. -#> iptables -I INPUT -p tcp -m state --state NEW --dport 6991:6999 -j NFQUEUE
  19. +#> iptables -I INPUT -p tcp -m conntrack --ctstate NEW --dport 6991:6999 -j NFQUEUE
  20.  .br
  21. -#> iptables -I OUTPUT -p tcp -m state --state NEW --sport 6991:6999 -j NFQUEUE
  22. +#> iptables -I OUTPUT -p tcp -m conntrack --ctstate NEW --sport 6991:6999 -j NFQUEUE
  23.  
  24.  Then iplist can be started like this
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top