I bet you enabled the new transport-agnostic netfilter, and didn't enable
some of the actual rules needed for your iptables setup (they have new
config names).

I do think that the netfilter team has been very irritating in changing
the config names, even if it "is logical".

Somebody should stop the madness, and tell people what config options they
need for a regular iptables setup like this. Rather than say "just compile
everything". There's about a million different filters, and they all
depend on one infrastructure or another.

And then the networking people should F*NG STOP that config name changing
madness! The config names should match the _usage_, not some
implementation detail. And failing that, leave the config options named
something illogical, as long as people don't have to change their config
file all the time and answer millions of questions that they don't care
about!

David, please crack some heads.

Linus