I built and installed iptables on my linux embedded system. If I list all rules, everything works fine:
#iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
But, if I add a new rule to block icmp ping, I'll get the follwing error:
iptables -A INPUT -i eth0 -p icmp --icmp-type any -s 0/0 -d 10.20.3.179 -m state --state NEW,ESTABLISHED,RELATED -j DROP
iptables: No chain/target/match by that name.
How to fix it?
The chain and target look correct, so it must be the match. Make sure CONFIG_NETFILTER_XT_MATCH_STATE is enabled in your kernel config.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With