[libvirt] [PATCH v2] nwfilter: Use -m conntrack rather than -m state
John Ferlan
jferlan at redhat.com
Wed Aug 7 00:11:05 UTC 2013
On 08/06/2013 07:46 PM, Stefan Berger wrote:
> Since iptables version 1.4.16 '-m state --state NEW' is converted to
> '-m conntrack --ctstate NEW'. Therefore, when encountering this or later
> versions of iptables use '-m conntrack --ctstate'.
>
> Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
>
> ---
> v1->v2:
> - Fixed a logic bug and adjusted version comparison to use '>='
> rather than '>'
>
> ---
ACK
John
More information about the libvir-list
mailing list