https://bugzilla.suse.com/show_bug.cgi?id=1212839 https://bugzilla.suse.com/show_bug.cgi?id=1212839#c6 Richard Palethorpe <richard.palethorpe@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |richard.palethorpe@suse.com Flags|needinfo?(nstange@suse.com) | --- Comment #6 from Richard Palethorpe <richard.palethorpe@suse.com> --- Yes, this could be caused by the ipt_state module not being loaded. Except that the kernel should load the module and retry. match = xt_find_match(nfproto, name, revision); if (IS_ERR(match)) { request_module("%st_%s", xt_prefix[nfproto], name); match = xt_find_match(nfproto, name, revision); } I think xt_find_match is the only function that can return ENOENT before the checks are done which should cause EINVAL. -- You are receiving this mail because: You are on the CC list for the bug.