Bug 36418 - iptables-restore can't handle --log-prefix
Summary: iptables-restore can't handle --log-prefix
Status: CLOSED DUPLICATE of bug 37938
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: iptables   
(Show other bugs)
Version: 7.1
Hardware: i386 Linux
medium
medium
Target Milestone: ---
Assignee: Bernhard Rosenkraenzer
QA Contact: David Lawrence
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-04-18 05:21 UTC by Kevin OConnor
Modified: 2007-04-18 16:32 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-05-21 21:23:22 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Kevin OConnor 2001-04-18 05:21:25 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.3 i686; Nav)


The iptables-restore command does not properly handle the --log-prefix
command with the LOG target.  Specifically, iptables-save adds double-quote
marks around the output (which it should), but iptables-restore is unable
to handle these double-quote marks properly.  It chokes when spaces are
contained in the quoted text, and even when spaces are not present it
improperly adds the double-quotes as literals in the log message.

This effectively breaks the /etc/sysconfig/iptables setup when logging is
desired.

Reproducible: Always
Steps to Reproduce:
$ iptables -A INPUT -j LOG --log-prefix "a b c"
$ iptables-save > foo
$ iptables-restore < foo 
Bad argument `b'
Try `iptables-restore -h' or 'iptables-restore --help' for more
information.

Also:

$ iptables -A INPUT -j LOG --log-prefix "a_b_c"
$ iptables-save > foo
$ iptables-restore < foo 

Results in log: (the log prefix should not be in quotes)

Apr 18 01:00:19 ohio kernel: "a_b_c"IN=lo OUT=
MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1
LEN=84 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=36155
SEQ=256

Comment 1 Kevin Range 2001-05-21 21:23:17 UTC
This is a duplicate of 37939 and 37938.  (Or they are duplicates of this.
Whatever.)  It is reportedly fixed in iptables 1.2.2-1

Comment 2 Bernhard Rosenkraenzer 2001-05-22 17:10:00 UTC

*** This bug has been marked as a duplicate of 37938 ***


Note You need to log in before you can comment on or make changes to this bug.