Bug 44118

Summary: iptables-save saves certain rules incorrectly
Product: [Retired] Red Hat Linux
Reporter: David A. Madore <david.madore>
Component: iptables
Assignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED RAWHIDE
QA Contact: David Lawrence <dkl>
Severity: medium
Priority: medium
Version: 7.1
Hardware: All   
OS: Linux   
Doc Type: Bug Fix
Last Closed: 2001-06-11 18:00:35 UTC
Attachments:
Description Flags
fix iptables-save none

Description David A. Madore 2001-06-11 16:11:52 UTC
Description of Problem:
Some firewall rules are subtly altered by iptables-save. Notably, interface
names such as ppp+ become simply ppp, and --reject-with
icmp-port-unreachable becomes --reject-with icmp-proto-unreachable.

How Reproducible:
always

Steps to Reproduce:
1. iptables -N TEST_CHAIN && iptables -A TEST_CHAIN -i ppp+ -j REJECT --reject-with icmp-port-unreachable
2. iptables-save | fgrep TEST_CHAIN
3. iptables -F TEST_CHAIN && iptables -X TEST_CHAIN

Actual Results:
:TEST_CHAIN - [0:0]
-A TEST_CHAIN -i ppp -j REJECT --reject-with icmp-proto-unreachable 

Expected Results:
:TEST_CHAIN - [0:0]
-A TEST_CHAIN -i ppp+ -j REJECT --reject-with icmp-port-unreachable 

Additional Information:
iptables-1.2.1a-1 and kernel 2.4.5 (not the pristine RedHat kernel), but
this is probably irrelevant
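
Added example, not part of the original report or of the iptables project: a round-trip check that compares the rule from "Steps to Reproduce" with an iptables-save dump, option by option. It matters because a saved `-i ppp` matches only an interface named exactly `ppp`, so a restored ruleset would no longer cover ppp0, ppp1 and so on. The names `parse_rule`, `rules_by_chain`, `drift` and `CHECKED` are hypothetical, and rules are paired by their position within a chain.

```python
import shlex

# Options compared between the intended rule and the saved rule (the two this
# report shows being altered, plus -o and -j). Negation ("!") is not handled.
CHECKED = ("-i", "-o", "-j", "--reject-with")

def parse_rule(line):
    """Return (chain, {option: value}) for an '-A <chain> ...' line, else None."""
    tokens = shlex.split(line)
    if tokens and tokens[0].startswith("["):   # "[pkts:bytes]" prefix from iptables-save -c
        tokens = tokens[1:]
    if len(tokens) < 2 or tokens[0] != "-A":
        return None
    opts, rest, i = {}, tokens[2:], 0
    while i < len(rest):
        if i + 1 < len(rest) and not rest[i + 1].startswith("-"):
            opts[rest[i]] = rest[i + 1]
            i += 2
        else:
            opts[rest[i]] = ""                 # flag without a value
            i += 1
    return tokens[1], opts

def rules_by_chain(text):
    chains = {}
    for line in text.splitlines():
        parsed = parse_rule(line)
        if parsed:
            chains.setdefault(parsed[0], []).append(parsed[1])
    return chains

def drift(intended, saved):
    """List (chain, rule_no, option, intended_value, saved_value) mismatches."""
    want, got = rules_by_chain(intended), rules_by_chain(saved)
    findings = []
    for chain, rules in want.items():
        saved_rules = got.get(chain, [])
        if len(rules) != len(saved_rules):
            findings.append((chain, None, "rule-count", len(rules), len(saved_rules)))
            continue
        for n, (w, g) in enumerate(zip(rules, saved_rules), 1):
            findings += [(chain, n, o, w.get(o), g.get(o))
                         for o in CHECKED if w.get(o) != g.get(o)]
    return findings

# Rule from "Steps to Reproduce" and the dumps under "Actual/Expected Results".
INTENDED = "-A TEST_CHAIN -i ppp+ -j REJECT --reject-with icmp-port-unreachable"
SAVED_ACTUAL = ":TEST_CHAIN - [0:0]\n-A TEST_CHAIN -i ppp -j REJECT --reject-with icmp-proto-unreachable \n"
SAVED_EXPECTED = ":TEST_CHAIN - [0:0]\n-A TEST_CHAIN -i ppp+ -j REJECT --reject-with icmp-port-unreachable \n"

if __name__ == "__main__":
    for finding in drift(INTENDED, SAVED_ACTUAL):
        print("DRIFT chain=%s rule=%s option=%s intended=%r saved=%r" % finding)
```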

Comment 1 David A. Madore 2001-06-11 18:00:30 UTC
Created attachment 20743
fix iptables-save

Comment 2 Bernhard Rosenkraenzer 2001-06-27 13:03:56 UTC
Thanks, fixed in 1.2.2-2