This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
First Last Prev Next    This bug is not in your last search results.
Bug 216388 - iptables are wide open and have bad sig
iptables are wide open and have bad sig
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: iptables (Show other bugs)
6
All Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-11-20 01:23 EST by Darwin H. Webb
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-11-29 08:19:11 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Darwin H. Webb 2006-11-20 01:23:27 EST 
Description of problem:
iptables has been wide open since Aug-24 version.
For FC6 and FC7-devel.


Version-Release number of selected component (if applicable):
iptables.i386 0:1.3.5-1.2.1

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 iptables                i386       1.3.5-1.2.1      development       236 k

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         

Total download size: 236 k
Is this ok [y/N]: y
Downloading Packages:
(1/1): iptables-1.3.5-1.2 100% |=========================| 236 kB    00:02     
Running Transaction Test
warning: iptables-1.3.5-1.2.1: Header V3 DSA signature: NOKEY, key ID 897da07a
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: iptables                     ######################### [1/1] 

Installed: iptables.i386 0:1.3.5-1.2.1
Complete!
[root@Jovette-14 deck]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root@Jovette-14 deck]#
Comment 1 Thomas Woerner 2006-11-29 08:19:11 EST 
iptables is the userland config tool. The firewall rules are not provided by the
iptables package, they can be generated by anaconda and lokkit.

Please use system-config-securitylevel to generate a firewall configuration.

FOr the signature: Please open a bug against distribution for this.
Comment 2 Darwin H. Webb 2006-11-29 21:37:07 EST 
No, No, NO, you are off the facts.
Iptables are the firewall.
The iptables went from what is installed by the system to accept all and I din't
touch them.

Anancanonda is not going to generate the iptables after the fact.
(if this true, it a really secure secert. Please point to the documentation that
it occurs in.)

system-config-securitylevel, is only for seting extra ports not defining a
complete firewall. And if changed else where , this tool will actually wipe them
out.

But hey, it is just a bug, not my bug, FC bug. Fix it or don't.

Darwin
Comment 3 Darwin H. Webb 2006-11-30 09:45:01 EST 
Well, the updates of Nov 30th for rawhide fixed the iptables back to what they
usually are in the FW/Secuirty gui.
They also fixed the crash of iptables at bootup.

(and, unrelated, the cpufreq, and the missing machine id file)

So maybe FC6 updates will fix it too.
But I can't update those until tomorrow.

Darwin
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.