Bug 32407
Summary: | QA0319: iptables kernel module doesn't load | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Daniel Roesen <dr> |
Component: | iptables | Assignee: | Bernhard Rosenkraenzer <bero> |
Status: | CLOSED RAWHIDE | QA Contact: | Brock Organ <borgan> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.1 | CC: | pekkas |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2001-06-20 20:28:45 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Daniel Roesen
2001-03-20 16:41:25 UTC
So if you want to use the new firewall rules, just remove the old compatibility? Doesn't sound like a bug to me. Besides that being very non-obvious, both supporting initscripts are enabled by default: [root@qa0319 /root]# chkconfig --list|grep ^ip iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off ipchains 0:off 1:off 2:on 3:on 4:on 5:on 6:off This sounds like a userland configuration policy; assigning to ipchains. I agree, however since the config tools favor ipchains, I think iptables should be changed. Doesn't make sense to start both at init time. Actually it makes more sense to have one script called "ipfilter" or "firewall" and have it deal with the logic of wether to start ipchains or iptables, but that is not likely to happen anytime soon. Reassigning to iptables. This is kinda moot point at this point IMO as the default iptables ruleset is empty. People do start to wonder if they have both. I suggest adding a failure notice in iptables (and perhaps also in ipchains) which checks whether either 1) ipchains module is loaded 2) /etc/sysconfig/ipchains or equiv is non-empty .. or some other bright ideas. The _default_ behaviour, until users start mixing the two is ok. Warning added in 1.2.2-3 |