Description of problem: "service iptables status" can seem to hang, probably when making reverse lookups of IP addresses which run into unreachable servers. Likewise for "service ip6tables status". Version-Release number of selected component (if applicable): iptables-1.2.8-12.3 How reproducible: Not so easy. Steps to Reproduce: 1. Configure iptables rule for a specific IP address 2. Make the nameserver for that IP not respond (that's the tricky part ;-) 3. run "service iptables status" Actual results: Seems to hang until DNS times out. Expected results: Returns numerical lists immediately. Additional info: This originally came up in #128549 "redhat-config-services locks up for 5 minutes if iptables is selected". While I plan to keep the GUI responsive in such cases, it would be better if it could display the status of iptables/ip6tables immediately instead of presenting the user an hourglass for some minutes ;-). It's the same on FC2 with iptables-1.2.9-2.3.1.
Created attachment 102643 [details] Proposed patch to fix the problem. Runs "iptables -n ... --list" and "ip6tables -n ... --list" when checking the status.
NB: I noticed this problem working on bug #128549.
There is already a check for this in /etc/sysconfig/iptables-config: IPTABLES_STATUS_NUMERIC But it is off by default.
The default behaviour will be changed for RHEL4.