I noticed there are a lot of the "cooler" iptables match targets missing from centos. You could recompile your kernel, which is taboo and dangerous, or you could run a more firewall friendly distro. Centos makes for a great and reliable server, but it's not a firewall, it's much too heavy of a distro for a firewall imho. If you really want to proceed you'll need to check out compiling your own kernel, as well as updating the netfilter/iptables code (patch-o-matic). Gordon On 11/3/06, Adriano Frare <alfrare at e-alinux.com> wrote: > Dear Friends, > > I installed CENTOS 4.4 on server. > > I need DROP MSN Messenger using IPTABLES, I created the rule below. > > $IPTABLES -A INPUT -p tcp -m string --string "x-msn-messenger" -j DROP > > > > But, When I run IPTABLES, I have received follow error: > > DROP -> MSN Messenger > iptables v1.2.11: Couldn't load match > `string':/lib/iptables/libipt_string.so: cannot open shared object file: > No such file or directory > > > Where DO I find library libipt_string ? > > > > Thanks for help. > > > Adriano Frare > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >