Hi,

After having removed all lines trying to create rules with "-m state", I have the following thing:

mx:/var/lib/shorewall# iptables-restore < /var/lib/shorewall/.iptables-restore-input
mx:/var/lib/shorewall# echo $?
0

serveur:~# nmap mx.network-hosting.com -p22,25,80,143,8080 -sV

Starting Nmap 4.20 ( http://insecure.org ) at 2007-07-30 01:14 CEST
Interesting ports on mx.network-hosting.com (87.98.219.114):
PORT     STATE    SERVICE    VERSION
22/tcp   open     ssh        OpenSSH 4.3p2 Debian 9 (protocol 2.0)
25/tcp   filtered smtp
80/tcp   open     http       Apache httpd 2.2.4 ((Unix) DAV/2 PHP/5.2.1)
143/tcp  open     imap       Courier Imapd (released 2004)
8080/tcp filtered http-proxy
Service Info: OS: Linux

Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 7.826 seconds

I think you found the real problem on the server... The kernel does not include enough modules... And as it has been built with security in mind, I cannot insert the needed modules... A new kernel is needed.

==> Is there a way to work without state match?

I asked my hoster to add all Netfilter's modules, but I don't know if he would do it...

Thank you for your help :)

Jerome Blion.
