Bug 2113874
| Summary: | [RHEL-9.1] nftables add ipsec rule fail | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | yiche <yiche> |
| Component: | nftables | Assignee: | Phil Sutter <psutter> |
| Status: | CLOSED ERRATA | QA Contact: | Jiri Peska <jpeska> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 9.1 | CC: | egarver, jpeska, todoleza |
| Target Milestone: | rc | Keywords: | Regression, TestCaseProvided, Triaged |
| Target Release: | 9.1 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | nftables-1.0.4-8.el9_1 | Doc Type: | No Doc Update |
| Doc Text: |
If this bug requires documentation, please select an appropriate Doc Type value.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-02-28 08:19:30 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Missed RHEL9.1, proposing for RHEL9.2. Did not branch yet, aiming for RHEL9.1.z with this. Jiri, please ACK. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (nftables bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:0950 |
Fixed upstream, following commits should be backported: ed2426bccd3ea ("tests/py: Add a test for failing ipsec after counter") 994bf5004b365 ("parser: add missing synproxy scope closure") 8623772af0610 ("scanner: don't pop active flex scanner scope") The first one adds a test for the bug described in this ticket to upstream testsuite. The second patch fixes a different bug in parser which is exposed by patch 3 which actually fixes this ticket's issue.