Bug 446827 - CONFIG_IP_NF_MATCH_IPRANGE missing
CONFIG_IP_NF_MATCH_IPRANGE missing
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
9
All Linux
low Severity urgent
: ---
: ---
Assigned To: Kernel Maintainer List
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-16 07:00 EDT by Reindl Harald
Modified: 2008-06-06 03:44 EDT (History)
1 user (show)

See Also:
Fixed In Version: 2.6.25.4-30.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-06-06 03:44:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Reindl Harald 2008-05-16 07:00:05 EDT
After installing my first x86_64 system my Firewall-Scripts are not working
There are some differences and the following line will not work, this makes me
unable to go online with the machine:

$IPTABLES -A INPUT -p tcp  -m iprange --src-range $LAN_IPS -m multiport
--destination-port $LAN_PORTS1 -m state --state NEW --syn -j ACCEPT

[root@srv-rhsoft ~]# grep CONFIG_IP_NF /boot/config-2.6.25.3-18.fc9.x86_64
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m

[root@nb-rhsoft:/var/named/chroot/var/named/zones]$ grep CONFIG_IP_NF
/boot/config-2.6.24.5-85.fc8
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_SAME=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
Comment 1 Dave Jones 2008-05-16 07:08:51 EDT
does it work if you do modprobe xt_iprange first ?

Looks like this is fixed in Linus' tree by commit
01b7a314291b2ef56ad718ee1374a1bac4768b29
Comment 2 Reindl Harald 2008-05-16 07:24:10 EDT
Yes After a manually "modprobe xt_iprange" my "iptables.sh" works again
Thank you very much!

Hope there will be a final fix soon, until next reboot this is ok, ssh with
public-key is open on all networks to type "iptables.sh"
Comment 3 Chuck Ebbert 2008-05-16 22:55:27 EDT
Fixed in 2.6.25.4-22
Comment 4 Reindl Harald 2008-05-17 17:16:07 EDT
Thank you, i can confirm this after manually update with the packages from koji

[root@srv-rhsoft:~]$ uname -a
Linux srv-rhsoft 2.6.25.4-23.fc9.x86_64 #1 SMP Sat May 17 02:37:26 EDT 2008
x86_64 x86_64 x86_64 GNU/Linux
Comment 5 Fedora Update System 2008-05-22 11:33:01 EDT
kernel-2.6.25.4-30.fc9 has been submitted as an update for Fedora 9
Comment 6 Fedora Update System 2008-05-28 22:51:14 EDT
kernel-2.6.25.4-30.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update kernel'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-4630
Comment 7 Fedora Update System 2008-06-06 03:44:13 EDT
kernel-2.6.25.4-30.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.