[TIP] iptables state error … e-use.html

After I remove six lines with -m state, the rules /var/lib/iptables/rules-save were loaded successfully. Don't know why I had those and didn't use to match state actually.

If you used state match, then you need to change it to be

-m conntrack --ctstate [STATELIST]

with kernel configuration NETFILTER_XT_MATCH_CONNTRACK. See man 8 iptables-extensions.


