Bug 107169

Summary: Iptables service won't stop any longuer without a network reset
Product: [Retired] Red Hat Linux Reporter: Nicolas Mailhot <nicolas.mailhot>
Component: iptablesAssignee: Thomas Woerner <twoerner>
Status: CLOSED DUPLICATE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 7.3CC: davej, d
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-21 18:59:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nicolas Mailhot 2003-10-15 16:58:53 UTC 
Version : iptables-1.2.8-8.72.3

The new iptables service tries to unload the iptables modules on stop.
The problem is the connection tacking module won't unload if there is a
connection active. (A workaround is to do a service network restart)

As a result :
- service iptables restart will hang most of the times is conntrack is used
- software shutdown will fail too since the iptable service just hangs.

I've seen people hard-reset boxes just to restore iptables after a iptable
restart hung on them.
Comment 1 Dan Tucny 2003-10-21 22:02:17 UTC 
I've seen this on Red Hat Linux 9 and Fedora Core Test 3 also.
Comment 3 Michael Schwendt 2004-02-29 02:28:17 UTC 
triage->duplicate (bug 103177)
Comment 4 Miloslav Trmac 2004-03-01 13:48:09 UTC 

*** This bug has been marked as a duplicate of 103177 ***
Comment 5 Red Hat Bugzilla 2006-02-21 18:59:10 UTC 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.