How to fix “iptables: No chain/target/match by that name”?

问题

I built and installed iptables on my linux embedded system. If I list all rules, everything works fine:

#iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

But, if I add a new rule to block icmp ping, I'll get the follwing error:

iptables -A INPUT -i eth0 -p icmp --icmp-type any -s 0/0 -d 10.20.3.179 -m state --state NEW,ESTABLISHED,RELATED -j DROP
iptables: No chain/target/match by that name.

How to fix it?

回答1:

The chain and target look correct, so it must be the match. Make sure CONFIG_NETFILTER_XT_MATCH_STATE is enabled in your kernel config.

来源：https://stackoverflow.com/questions/17679749/how-to-fix-iptables-no-chain-target-match-by-that-name

标签

Linux

embedded-linux

iptables

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!