Bug 507743 - Add 802.1q subinterface support to iptables report
Summary: Add 802.1q subinterface support to iptables report
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: logwatch
Version: 11
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Karel Klíč
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-06-23 22:35 UTC by Allen Kistler
Modified: 2013-03-03 22:59 UTC (History)
3 users (show)

Fixed In Version: 7.3.6-46.fc11
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-01-19 01:02:42 UTC


Attachments (Terms of Use)
Patch to /usr/share/logwatch/scripts/services/iptables (694 bytes, patch)
2009-06-23 22:35 UTC, Allen Kistler
no flags Details | Diff

Description Allen Kistler 2009-06-23 22:35:46 UTC
Created attachment 349165 [details]
Patch to /usr/share/logwatch/scripts/services/iptables

Description of problem:
802.1q VLAN subinterfaces have names like eth0.1, eth0.2, eth7.285, etc.  The current version drops the subinterface number.  The attached patch adds the ability to keep the subinterface info.

Version-Release number of selected component (if applicable):
logwatch-7.3.6-42.fc11.noarch

How reproducible:
Always

Steps to Reproduce:
1. Set up a physical interface to be an 802.1q trunk
2. Define some VLAN subinterfaces on the trunk interface
3. Set up netfilter/iptables to log packets on the subinterfaces
4. Run the logwatch iptables service report

Actual results:
All the subinterface traffic is aggregated into the the trunk interface
(see below)

Expected results:
Subinterface traffic info is broken out
(see below)

Additional info:
I'm also submitting this patch upstream.


(Live from my machine) example without the patch:

 --------------------- iptables firewall Begin ------------------------ 

 Listed by source hosts:
 Accepted 6 packets on interface eth0
   From 192.168.1.3 - 3 packets to icmp(8) 
   From 192.168.3.3 - 3 packets to icmp(8) 
 
 Listed by source hosts:
 Dropped 14 packets on interface eth0
   From 192.168.3.3 - 14 packets to udp(53) 
 
 ---------------------- iptables firewall End ------------------------- 


(Live from my machine) example with the patch:

 --------------------- iptables firewall Begin ------------------------ 

 Listed by source hosts:
 Accepted 3 packets on interface eth0.2
   From 192.168.1.3 - 3 packets to icmp(8) 
 
 Listed by source hosts:
 Accepted 3 packets on interface eth0.4
   From 192.168.3.3 - 3 packets to icmp(8) 
 
 Listed by source hosts:
 Dropped 14 packets on interface eth0.4
   From 192.168.3.3 - 14 packets to udp(53) 
 
 ---------------------- iptables firewall End -------------------------

Comment 1 Ivana Varekova 2009-06-24 07:33:15 UTC
I just sent your patch to upstream:

http://www2.list.logwatch.org:81/pipermail/logwatch-devel/2009-June/002102.html

Comment 2 Allen Kistler 2009-06-25 04:01:03 UTC
(In reply to comment #1)
> I just sent your patch to upstream:
> 
> http://www2.list.logwatch.org:81/pipermail/logwatch-devel/2009-June/002102.html  

Well, then they're sure to get it.
I sent it upstream to logwatch-patches ...

Comment 3 Allen Kistler 2009-12-15 16:46:29 UTC
Re: Status change on 2 Dec

How has the bug been modified?
There's nothing in updates-testing or even in Koji.

Am I missing something?

Comment 4 Karel Klíč 2009-12-15 16:54:00 UTC
Allen,
I am sorry for confusing you, I applied your patch to my CVS but I haven't commited it to Fedora CVS or built it yet, as adding other patches is a work in progress.

I plan to finish the update this week. 
I hope that is acceptable for you.

Comment 5 Fedora Update System 2009-12-16 16:25:05 UTC
logwatch-7.3.6-46.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/logwatch-7.3.6-46.fc11

Comment 6 Fedora Update System 2009-12-16 16:27:16 UTC
logwatch-7.3.6-49.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/logwatch-7.3.6-49.fc12

Comment 7 Karel Klíč 2009-12-16 16:31:31 UTC
Update has been prepared.

Thank you for the patch.

Comment 8 Fedora Update System 2009-12-18 04:46:58 UTC
logwatch-7.3.6-46.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update logwatch'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2009-13395

Comment 9 Fedora Update System 2010-01-19 01:00:02 UTC
logwatch-7.3.6-49.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2010-01-19 01:02:34 UTC
logwatch-7.3.6-46.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.