Re: -m in iptables???

To: Lars Hallberg <lah@micropp.se>
Cc: debian-firewall@lists.debian.org
Subject: Re: -m in iptables???
From: Daniel Stone <daniel@kabuki.openfridge.net>
Date: Tue, 24 Apr 2001 07:19:34 +1000
Message-id: <20010424071934.A494@piro.kabuki.openfridge.net>
Mail-followup-to: Lars Hallberg <lah@micropp.se>, debian-firewall@lists.debian.org
In-reply-to: <20010423131114.A27361@albert.micropp.se>; from lah@micropp.se on Mon, Apr 23, 2001 at 01:11:14PM +0200
References: <20010423131114.A27361@albert.micropp.se>

On Mon, Apr 23, 2001 at 01:11:14PM +0200, Lars Hallberg wrote:
> I ben reading Linux 2.4 Packet Filtering HOWTO and the iptables 
> manpage. In the howto and elsewhere the -m option is used, but I can't 
> find what it means. Not in the howto, nether in the manpage.
> 
> Is it just me or is it missing?
> 
> If it?s missing, do someone know what it means?

It means match extension, and is used to load shared libraries. For example:
iptables -A INPUT --state ESTABLISHED,RELATED -j ACCEPT
This is in the state library, so you'll get a no chain/target/match error.
But:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
is OK, as it loads the state library beforehand.

Hope that helps :)
d

-- 
Daniel Stone
Linux Kernel Developer
daniel@kabuki.openfridge.net

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
G!>CS d s++:- a---- C++ ULS++++$>B P---- L+++>++++ E+(joe)>+++ W++ N->++ !o
K? w++(--) O---- M- V-- PS+++ PE- Y PGP>++ t--- 5-- X- R- tv-(!) b+++ DI+++ 
D+ G e->++ h!(+) r+(%) y? UF++
------END GEEK CODE BLOCK------

Reply to:

References:
- -m in iptables???
  - From: lah@micropp.se (Lars Hallberg)

Prev by Date: Re: -m in iptables???
Next by Date: 2 variables in R. Ziegler's book
Previous by thread: Re: -m in iptables???
Next by thread: 2 variables in R. Ziegler's book
Index(es):
- Date
- Thread