iptables: Replace state module by conntrack module.
[people/teissler/ipfire-2.x.git] / config / forwardfw / rules.pl
index 82b5dd61e5d3ad0249adcfd0dbc9ad9b9b0c7b2b..6a91ddf5725c094da1da3dbb89f75eb476166ba5 100755 (executable)
@@ -115,7 +115,7 @@ if($param eq 'flush'){
                        system ("/usr/sbin/firewall-policy"); 
                }elsif($fwdfwsettings{'POLICY'} eq 'MODE2'){
                        &p2pblock;
                        system ("/usr/sbin/firewall-policy"); 
                }elsif($fwdfwsettings{'POLICY'} eq 'MODE2'){
                        &p2pblock;
-                       system ("iptables -A $CHAIN -m state --state NEW -j ACCEPT");
+                       system ("iptables -A $CHAIN -m conntrack --ctstate NEW -j ACCEPT");
                        system ("/usr/sbin/firewall-policy");
                        system ("/etc/sysconfig/firewall.local reload");
                }
                        system ("/usr/sbin/firewall-policy");
                        system ("/etc/sysconfig/firewall.local reload");
                }