Bug 179094
Summary: | init.d/iptables still doesn't know raw table | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Maxim Britov <maxim.britov> |
Component: | iptables | Assignee: | Thomas Woerner <twoerner> |
Status: | CLOSED RAWHIDE | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-02-02 13:24:52 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Maxim Britov
2006-01-27 13:27:45 UTC
There is no POSTROUTING in the raw table. yes, but you was wrong, on you closed this bug. That was my stupid cute/paste bug from nat table :) I'm sorry about it. it shoud be without POSTROUTING in raw table. I'm use Russian, and i see error like: I gets [FAIL] on service iptables stop I inserted into /etc/rc.d/init.d/iptables from string 135 and it works fine for me now. raw) $IPTABLES -t raw -P PREROUTING $policy \ && $IPTABLES -t raw -P OUTPUT $policy \ || let ret+=1 ;; # iptables -t raw -P PREROUTING ACCEPT && iptables -t raw -P OUTPUT ACCEPT && echo "ACCEPT" ACCEPT # iptables -t raw -P PREROUTING DROP && iptables -t raw -P OUTPUT DROP && echo "DROP" DROP # rpm -q kernel-smp kernel-smp-2.6.15-1.1826.2.5_FC5 # rpm -q iptables iptables-1.3.4-3 So I see no problem here. There is onther problem with netfilter in the pre 1.1881_FC5 kernels, please upgrade. We talking about different things. iptbales works fine fow me. Probmlem in init.d/iptables file. That file doesn't contain info about "raw" table. And \sbin\service iptbales stop or panic doesn't work fine for "raw" table. Function set_policy() of init.d/iptables should set policy for all tables to $1. It gets list tables: tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null` then: for i in $tables; do and: case "$i" in That case operator know only: nat, filter, mangle tables. It doesn't know raw. And after "/sbin/service iptbales stop" "raw" tables will contain old policy :( Fixed in rawhide in rpm iptables-1.3.5-1. |