Sorry, problem fixed. It is not related to iptables bug. I overlooked the rule. If it's icmp protocol and the action is reject, 'icmp-port-unreacheable' is added automatically. So I get something extra with iptables-save.
-----Original Message----- From: Harald Welte <[EMAIL PROTECTED]> To: Dung Patrick <[EMAIL PROTECTED]> Date: Sun, 12 May 2002 14:26:47 +0200 Subject: Re: Re: On Sun, May 12, 2002 at 12:32:33PM +0800, Dung Patrick wrote: > I use iptables 1.2.6a (debian woody). > > The iptables-save in cvs is 1.22 (last changed is in March). I've not > compiled the source from cvs to test yet. Ok. The bug is (was) within the iptables.c code, could you please try latest CVS [or try to apply the patch http://cvs.samba.org/cgi-bin/cvsweb/netfilter/userspace/iptables.c.diff?r1=1.45&r2=1.46] -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
