I have just installed a SLES11SP4 server after a very frustrating episode with SLES12. It was a clean install, and I have used YAST to set up the firewall. I now get a number of warning messages every time I boot the system (Warning: The state match is obsolete, Use conntrack instead). I have always used YAST to set up the firewall, and have never had this problem until now. Anyone got any ideas how to resolve this issue as I assumed that YAST would not contribute to such issues.
Also, I had a redundant network card in the server, which I physically removed, hoping this might help out the situation. I now have a situation where this card is not now visible to the system, but still appears in the YAST firewall configuration as an available interface. I have noticed this in the past, and it has not caused any problems, but someone may know how to remove this card from the firewall settings.
but someone may know how to remove this card from the firewall settings
have you checked for a stale “/etc/sysconfig/network/ifcfg-*” file?
Warning: The state match is obsolete, Use conntrack instead
“conntrack” replaced “-m state” some time ago, probably SLES11SP4 ships with the new modules that reflect this change, and the firewall scripts were not adopted as this is only a warning? If possible, you should raise a service request with SUSE on this issue.
Hi,
Thanks for your reply. You have just confirmed my initial thoughts. rather than wait for changes to be made, I will dig in and make them myself. Regarding the other problem, I have already searched all the files where you suggested and found no mention of the redundant eth3. I have looked through some of the firewall files, and can still not find where this removed card is being picked up from. Perhaps someone may have some thoughts on this.