Bug 155608
Summary: | libipt_recent.so not built due to spec file problem | | |
---|---|---|---|
Product: | Red Hat Enterprise Linux 3 | Reporter: | Mike Kimmick <mkimmick> |
Component: | glibc-kernheaders | Assignee: | David Woodhouse <dwmw2> |
Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Priority: | medium |
Version: | 3.0 | CC: | eric |
Hardware: | i386 | OS: | Linux |
Fixed In Version: | RHBA-2005-597 | Doc Type: | Bug Fix |
Last Closed: | 2005-09-28 17:31:38 UTC | Bug Blocks: | 156320 |
Description
Mike Kimmick
2005-04-21 19:19:40 UTC
Okay, now I have another issue. After rebuilding the rpm and installing it, I can add a line to match recent, and this works fine.

```
iptables -I INPUT -m recent --name badguy --rcheck --seconds 60 -j DROP
```

Saving the config and restarting iptables fails. During iptables restart, I'm getting the following error:

```
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: mangle nat filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: Bad argument `recent:'
Error occured at line: 25
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
```

This can be quite damaging as the firewall never gets loaded, and the machine is wide-open for attack.

iptables-save is not saving the config correctly. RHEL 4 works fine, and here is the saved data:

```
-A INPUT -m recent --rcheck --seconds 60 --name badguy --rsource -j DROP
```

And here is what is saved under RHEL 3:

```
-A INPUT -m recent recent: --seconds 1701970164 --hitcount 1953391971 --name --rsource -j DROP
```

From RHEL 4, iptables-1.2.11-3.1.RHEL4.src.rpm has the same spec file problem. Fixing and rebuilding iptables-1.2.11-3.1.RHEL4.src.rpm on RHEL 3 seems to work. Can now add firewall rule to match on recent, and the rules are saved and restored successfully.

This approach has worked on my RHEL3 system also. Thanks.

The 'recent' module is very important in order to throttle ssh brute force attacks: http://blog.andrew.net.au/2005/02/17/ RHEL3 and RHEL4 really need an iptables update asap.

iptables may not use the kernel headers directly. It has to use the glibc-kernheaders instead. Assigning to glibc-kernheaders. If it is fixed in the glibc-kernheaders package, please reassign to get the save problem in the iptables recent module fixed.

Adding ipt_recent.h to glibc-kernheaders.

Actually, since iptables is probably the only user of these headers, it should probably carry its own copy instead of putting them in /usr/include/linux.

An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-597.html
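
The failure reported in this bug leaves the host with no rules loaded, so it is worth linting saved rules before a restart. The following is an added example, not code from the bug report or from any Red Hat package: it scans `iptables-save` output for `-m recent` rules damaged the way the RHEL 3 line above is. The function name, the `MAX_PLAUSIBLE` threshold and the sample file (built around the two saved rules quoted in the report) are assumptions made for illustration.

```python
import shlex

VALUE_OPTS = {"--name", "--seconds", "--hitcount"}         # options that take a value
MODE_OPTS = {"--set", "--rcheck", "--update", "--remove"}  # a rule needs exactly one
MAX_PLAUSIBLE = 10_000_000  # assumption: larger --seconds/--hitcount values are garbage

# Constructed sample file; the two -A lines are the rules quoted in the report.
SAMPLE = """\
# constructed iptables-save output
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m recent --rcheck --seconds 60 --name badguy --rsource -j DROP
-A INPUT -m recent recent: --seconds 1701970164 --hitcount 1953391971 --name --rsource -j DROP
COMMIT
"""

def lint_recent_rules(saved_text):
    """Return [(line_number, problem), ...] for malformed `-m recent` rules."""
    problems = []
    for lineno, line in enumerate(saved_text.splitlines(), start=1):
        if not line.startswith("-A "):
            continue  # table headers, chain policies, comments, COMMIT
        tokens = shlex.split(line)
        starts = [i + 2 for i in range(len(tokens) - 1)
                  if tokens[i] in ("-m", "--match") and tokens[i + 1] == "recent"]
        if not starts:
            continue
        opts, i = [], starts[0]
        # Walk the options of the recent match up to the next match or the target.
        while i < len(tokens) and tokens[i] not in ("-m", "--match", "-j", "--jump"):
            tok = tokens[i]
            opts.append(tok)
            if not tok.startswith("--") and tok != "!":
                problems.append((lineno, f"stray token {tok!r}"))
            elif tok in VALUE_OPTS:
                value = tokens[i + 1] if i + 1 < len(tokens) else ""
                if not value or value.startswith("-"):
                    problems.append((lineno, f"{tok} has no value"))
                else:
                    i += 1  # consume the value
                    if tok != "--name" and not (value.isdigit() and int(value) <= MAX_PLAUSIBLE):
                        problems.append((lineno, f"{tok} value {value} is implausible"))
            i += 1
        if sum(o in MODE_OPTS for o in opts) != 1:
            problems.append((lineno, "need exactly one of --set/--rcheck/--update/--remove"))
    return problems

if __name__ == "__main__":
    for lineno, problem in lint_recent_rules(SAMPLE):
        print(f"line {lineno}: {problem}")
```

Run against a saved rules file, any reported line means the file should not be handed to `iptables-restore` as is.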