Bug 242457 - Wrong init script [NEEDINFO]
Summary: Wrong init script
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: iptables
Version: 5.0
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: iptables-maint-list
QA Contact: Ben Levenson
Depends On:
Blocks: 237789 242458 242459
TreeView+ depends on / blocked
Reported: 2007-06-04 12:22 UTC by Michal Marciniszyn
Modified: 2014-02-10 23:02 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2009-09-02 10:59:52 UTC
kvolny: needinfo? (mmarcini)

Attachments (Terms of Use)
Proposed init script patch for LSB conformance (3.00 KB, patch)
2009-05-04 11:00 UTC, Thomas Woerner
no flags Details | Diff

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2009:1414 normal SHIPPED_LIVE iptables bug fix and enhancement update 2009-09-01 13:33:16 UTC

Description Michal Marciniszyn 2007-06-04 12:22:49 UTC
Description of problem:
ip6tables and iptables init scripts contain several bugs. Both of them wrongly
return error codes and also call of status code is not correct. For example
if lsmod 2>/dev/null | grep -q ipchains ; then
    echo -n $"ipchains and $IPTABLES can not be used together."; warning; echo
    exit 0
should not return exit code 0. Also status shoud be run always (irrespectible
whether the service could be successfully started).

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
When fixing this bug, please obbey our init script guidelines and be sure that
status command is run correctly.
Our guidelines are on following two pages:

For an example of the script that returns the error codes correctly and always
runs status see:

This bug is tracked by 237789.

Comment 1 RHEL Product and Program Management 2007-06-05 20:25:58 UTC
This request was evaluated by Red Hat Product Management for
inclusion in a Red Hat Enterprise Linux release.  Since this
bugzilla is in a component that is not approved for the current
release, it has been closed with resolution deferred.  You may
reopen this bugzilla for consideration in the next release.

Comment 6 Karel Volný 2009-01-28 11:41:54 UTC
(In reply to comment #0)
> For example
> if lsmod 2>/dev/null | grep -q ipchains ; then
>     echo -n $"ipchains and $IPTABLES can not be used together."; warning; echo
>     exit 0
> fi

just a question ... we do not ship ipchains(*), shouldn't be that code dropped completely?

(*) well, is that usable with any kernel we ship? - RHEL-2.1 U6 has 2.4.9 with iptables ...

otherwise, is there any sane way how to test that condition?

Comment 13 Thomas Woerner 2009-05-04 11:00:13 UTC
Created attachment 342291 [details]
Proposed init script patch for LSB conformance

Comment 14 Thomas Woerner 2009-05-04 11:02:21 UTC

can you please have a look at the patch from comment #13. Are the return codes ok for you?


Comment 21 errata-xmlrpc 2009-09-02 10:59:52 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.