First Last Prev Next    This bug is not in your last search results.
Bug 31460 - iptables-restore fails to restore some rules
iptables-restore fails to restore some rules
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: iptables (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-03-11 16:36 EST by CoreDump
Modified: 2007-04-18 12:32 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-03-11 16:36:43 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description CoreDump 2001-03-11 16:36:39 EST 
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.0-0.99.11 i586)




Reproducible: Always
Steps to Reproduce:
1.copy this file to /etc/sysconfig/iptables
2./etc/init.d/iptables start


Actual Results:  Flushing all current rules and user defined chains:       
[  OK  ]
Clearing all current rules and user defined chains:        [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Bad argument `SYN'
Try `iptables-restore -h' or 'iptables-restore --help' for more
information.
                                                           [FAILED]


Expected Results:  It was saved by iptables-save, so I suppose it should
reload without problems.


The file to be copied to /etc/sysconfig/iptables:

*filter
:INPUT DROP [0:0]
[0:0] -s 1.1.1.1 -d 1.1.1.1 -i eth0 -p udp -m udp --sport 53 --dport
1024:65535 -j ACCEPT 
[0:0] -d 1.1.1.1 -i eth0 -p tcp -m tcp --dport 1024:65535 ! --tcp-flags
SYN,RST,ACK SYN -j ACCEPT 
COMMIT

(maybe some lines are broken by netscape :)

Strange is that the line with SYN itself doesn't cause any problem, only
together with the line before it.
Comment 1 Bernhard Rosenkraenzer 2001-03-21 15:31:05 EST 
Seems to work in 1.2.1a-1.
Comment 2 Dragu Bogdan 2005-03-03 13:10:12 EST 
for me it stil not work, do i have to change the 1.1.1.1 whit my ip ??
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.