On 9/1/2016 2:59 PM, Tom Eastep wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 08/30/2016 12:33 PM, Richard B. Pyne wrote: >> I have been using Shorewall since version 2 on several platforms. A >> couple years ago, I standardized on CentOS, and everything worked >> fine. >> >> Last week, I ran an update on some CentOS 7 servers and discovered >> that Shorewall wouldn't start. It fails with the message: "Your >> kernel/iptables do not include state match support. No version of >> Shorewall will run on this system" >> >> I have Shorewall version 5.0.8.2 installed. >> >> Any help would be greatly appreciated. > > After executing this command: > > iptables -N foo > > What output do these commands produce? > > iptables -A foo -m state --state ESTABLISHED -j ACCEPT
# iptables -a foo -m conntrack --ctstate ESTABLISHED -j ACCEPT iptables v1.4.21: unknown option "-a" > iptables -a foo -m conntrack --cstate ESTABLISHED -j ACCEPT # iptables -a foo -m conntrack --cstate ESTABLISHED -j ACCEPT iptables v1.4.21: unknown option "-a" This is on CentOS 7.2.1511 kernel 3.10.0-229.14.1.el7.x86_64 > > Thanks, > - -Tom Thanks. ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
