Bug 101140 - iptables v1.2.6a: Unknown arg `--gid-owner'
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: iptables
Version: 8.0
Hardware: i686 Linux
Priority: medium
Severity: medium
Assigned To: Thomas Woerner
QA Contact: Ben Levenson
Keywords: Security
Reported: 2003-07-29 11:51 EDT by Need Real Name
Modified: 2007-04-18 12:56 EDT (History)
Doc Type: Bug Fix
Last Closed: 2003-07-31 05:57:04 EDT


Description Need Real Name 2003-07-29 11:51:30 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2)
Gecko/20030208 Netscape/7.02

Description of problem:
Trying to use:

     iptables -A OUTPUT -m owner --gid-owner 513 -j REJECT

Yields:

     iptables: Invalid argument

Under iptables v1.2.5 (on Enterprise Edition of RH) the line above is
syntactically correct.  I know because I typed the line out and the command was
accepted.  Also, I can see the rule appear on the OUTPUT chain (when I type
"iptables -L").


When typing "iptables -A OUTPUT -m owner --gid-owner" I get the error listed on
the summary line.

Something has changed the functionality of iptables.  A seldom-used version of
RedHat (dual boot) yields the same error.

Version-Release number of selected component (if applicable):
See summary

How reproducible:
Always

Steps to Reproduce:
1. iptables -A OUTPUT -m owner --gid-owner 513 -j REJECT
2. <return and/or enter>

Actual Results:  iptables: Invalid argument

Expected Results:  No error.

iptables -L should list a new rule in the OUTPUT Chain.

Additional info:

When originally building this machine, the command in question worked. However,
suspect one of the updates (from up2date) has changed something in iptables.

Suspect a kernel update, or a change to iptables.

I have a serious need to block members of a certain group from having
access outside the box.

Comment 2 Need Real Name 2003-07-30 09:41:01 EDT
Grabbed src rpm and built and installed new rpm for iptables v1.2.8.

Replaced the iptables v1.2.6a with the new version.  New version fixes the
problem with the iptables command indicated in the ticket.

However, the /etc/init.d/iptables script has a problem with the save portion.  I
edited /etc/sysconfig/iptables by hand, but I usually use "service iptables save"

I currently get:

Saving firewall rules to /etc/sysconfig/iptables: /etc/init.d/iptables: line 1:
stat: command not found

I could fix the script if I have time; however, the fix should come from RH.


Sincerely,


Stanley V. Hornyak
RedHat Certified Engineer (RHCE)
