I noticed there are a lot of the "cooler" iptables match targets missing from centos. You could recompile your kernel, which is taboo and dangerous, or you could run a more firewall friendly distro. Centos makes for a great and reliable server, but it's not a firewall, it's much too heavy of a distro for a firewall imho.
If you really want to proceed you'll need to check out compiling your own kernel, as well as updating the netfilter/iptables code (patch-o-matic).
Gordon
On 11/3/06, Adriano Frare alfrare@e-alinux.com wrote:
Dear Friends,
I installed CENTOS 4.4 on server.
I need DROP MSN Messenger using IPTABLES, I created the rule below.
$IPTABLES -A INPUT -p tcp -m string --string "x-msn-messenger" -j DROP
But, When I run IPTABLES, I have received follow error:
DROP -> MSN Messenger iptables v1.2.11: Couldn't load match `string':/lib/iptables/libipt_string.so: cannot open shared object file: No such file or directory
Where DO I find library libipt_string ?
Thanks for help.
Adriano Frare _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos