main/awall/0001-filter-fix-warning-about-m-state-in-newer-iptables.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

From 9396a7492e2fd7a1180732123ff45ec11691b575 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Fri, 28 Dec 2012 14:22:56 +0100
Subject: [PATCH] filter: fix warning about -m state in newer iptables

Fixes this warning when using recent iptables:
WARNING: The state match is obsolete. Use conntrack instead.

ref #1497
---
 awall/modules/filter.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/awall/modules/filter.lua b/awall/modules/filter.lua
index a635939..b697ae5 100644
--- a/awall/modules/filter.lua
+++ b/awall/modules/filter.lua
@@ -202,7 +202,7 @@ defrules = {}
 local fchains = {{chain='FORWARD'}, {chain='INPUT'}, {chain='OUTPUT'}}
 
 local dar = combinations(fchains,
-			 {{opts='-m state --state RELATED,ESTABLISHED'}})
+			 {{opts='-m conntrack --ctstate RELATED,ESTABLISHED'}})
 for i, chain in ipairs({'INPUT', 'OUTPUT'}) do
    table.insert(dar,
 		{chain=chain,
-- 
1.8.0.3