44118 – iptables-save saves certain rules incorrectly

Bug 44118 - iptables-save saves certain rules incorrectly

Summary: iptables-save saves certain rules incorrectly

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	iptables
Sub Component:
Version:	7.1
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bernhard Rosenkraenzer
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-06-11 16:11 UTC by David A. Madore
Modified:	2007-04-18 16:33 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2001-06-11 18:00:35 UTC
Embargoed:

Attachments	(Terms of Use)
fix iptables-save (1.59 KB, patch) 2001-06-11 18:00 UTC, David A. Madore	no flags	Details \| Diff
View All

Description David A. Madore 2001-06-11 16:11:52 UTC

Description of Problem:
Some firewall rules are subtly altered by iptables-save. Notably, interface
names such as ppp+ become simply ppp, and --reject-with
icmp-port-unreachable becomes --reject-with icmp-proto-unreachable

How Reproducible:
always

Steps to Reproduce:
1. iptables -N TEST_CHAIN && iptables -A TEST_CHAIN -i ppp+ -j REJECT
--reject-with icmp-port-unreachable
2. iptables-save | fgrep TEST_CHAIN
3. iptables -F TEST_CHAIN && iptables -X TEST_CHAIN

Actual Results:
:TEST_CHAIN - [0:0]
-A TEST_CHAIN -i ppp -j REJECT --reject-with icmp-proto-unreachable 

Expected Results:
:TEST_CHAIN - [0:0]
-A TEST_CHAIN -i ppp+ -j REJECT --reject-with icmp-port-unreachable 

Additional Information:
iptables-1.2.1a-1 and kernel 2.4.5 (not the pristine RedHat kernel), but
this is probably irrelevant

Comment 1 David A. Madore 2001-06-11 18:00:30 UTC

Created attachment 20743 [details]
fix iptables-save

Comment 2 Bernhard Rosenkraenzer 2001-06-27 13:03:56 UTC

Thanks, fixed in 1.2.2-2

Note You need to log in before you can comment on or make changes to this bug.