Bug 36418 - iptables-restore can't handle --log-prefix
iptables-restore can't handle --log-prefix
Status: CLOSED DUPLICATE of bug 37938
Product: Red Hat Linux
Classification: Retired
Component: iptables (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bernhard Rosenkraenzer
David Lawrence
Depends On:
  Show dependency treegraph
Reported: 2001-04-18 01:21 EDT by Kevin OConnor
Modified: 2007-04-18 12:32 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-05-21 17:23:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kevin OConnor 2001-04-18 01:21:25 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.3 i686; Nav)

The iptables-restore command does not properly handle the --log-prefix
command with the LOG target.  Specifically, iptables-save adds double-quote
marks around the output (which it should), but iptables-restore is unable
to handle these double-quote marks properly.  It chokes when spaces are
contained in the quoted text, and even when spaces are not present it
improperly adds the double-quotes as literals in the log message.

This effectively breaks the /etc/sysconfig/iptables setup when logging is

Reproducible: Always
Steps to Reproduce:
$ iptables -A INPUT -j LOG --log-prefix "a b c"
$ iptables-save > foo
$ iptables-restore < foo 
Bad argument `b'
Try `iptables-restore -h' or 'iptables-restore --help' for more


$ iptables -A INPUT -j LOG --log-prefix "a_b_c"
$ iptables-save > foo
$ iptables-restore < foo 

Results in log: (the log prefix should not be in quotes)

Apr 18 01:00:19 ohio kernel: "a_b_c"IN=lo OUT=
MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC= DST=
LEN=84 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=36155
Comment 1 Kevin Range 2001-05-21 17:23:17 EDT
This is a duplicate of 37939 and 37938.  (Or they are duplicates of this.
Whatever.)  It is reportedly fixed in iptables 1.2.2-1
Comment 2 Bernhard Rosenkraenzer 2001-05-22 13:10:00 EDT

*** This bug has been marked as a duplicate of 37938 ***

Note You need to log in before you can comment on or make changes to this bug.