Bug 98241
Summary: | (presumably buggy) depmod causes iptables firewall not to work | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux Beta | Reporter: | Nils Philippsen <nphilipp> |
Component: | kernel | Assignee: | Arjan van de Ven <arjanv> |
Status: | CLOSED RAWHIDE | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | alpha 3 | CC: | aoliva, blocke, gt, krmaxwell, pp, twaugh, vonbrand, wtogami |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2003-09-08 09:14:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 100644 |
Description
Nils Philippsen
2003-06-28 21:50:16 UTC
The error shows also with modutils as old as 2.4.18-2, but only with newer kernels, e.g. not with 2.4.20-18.9, but with all of these: kernel-2.4.20-20.1.2013.nptl kernel-2.4.20-20.1.2007.nptl kernel-2.4.20-20.1.2005.nptl Forgot to mention that when insmodding the modules by hand (in the correct order), everything works fine (substituting ipchains with iptables_nat of course). ipchains is exporting symbols, it probably shouldn't be. Still the case with 2.4.21-1.2023: /lib/modules/2.4.21-1.2023/kernel/net/ipv4/netfilter/ipt_MASQUERADE.o: /lib/modules/2.4.21-1.2023/kernel/net/ipv4/netfilter/ip_tables.o \ /lib/modules/2.4.21-1.2023/kernel/net/ipv4/netfilter/ipchains.o \ /lib/modules/2.4.21-1.2023/kernel/net/ipv4/netfilter/ip_conntrack.o *** Bug 90647 has been marked as a duplicate of this bug. *** As I mentioned in #90647, nuking ipchains.o and ipfwadm.o and rerunning depmod -a is a workaround for this bug. Why isn't this considered a blocker bug for Cambridge (#100643)? After all this _is_ a security issue. *** Bug 100428 has been marked as a duplicate of this bug. *** *** Bug 100763 has been marked as a duplicate of this bug. *** Fixed in kernel-2.4.22-1.2030.nptl Err.... -1.2030? That's a lower version number than -20.1.2024.2.36, that still has the problem. Isn't the `20.' missing in this versioning scheme? It's deliberate. The -20 was bogus. |