Red Hat Bugzilla – Bug 55124
iptables will not accept a rule with a numeric TOS set
Last modified: 2008-05-01 11:38:01 EDT
Description of Problem: If the TOS is set to, say, 8, iptables complains that
this is not valid. Set it to Maximize-Throughput and the rule will load.
The man page and iptables -j TOS -h indicate the following:
TOS target v1.2.3 options:
  --set-tos value    Set Type of Service field to one of
                     following numeric or descriptive values:
                         Minimize-Delay 16 (0x10)
                         Maximize-Throughput 8 (0x08)
                         Maximize-Reliability 4 (0x04)
                         Minimize-Cost 2 (0x02)
                         Normal-Service 0 (0x00)
Version-Release number of selected component (if applicable):
How Reproducible: Every time
Steps to Reproduce:
1. Load a rule with --set-tos set to a numeric value.
2. This used to work under iptables rules loaded on a 7.0 system.
3. IIRC iptables did not come with 7.0. I got the rpms for 7.0 directly
from the netfilter web site. The man page still indicates what I am doing
Actual Results: Iptables complains that the numeric values (I tried them
all just for giggles) are invalid. The descriptive values appear to work.
Expected Results: The rule should load without error
Additional Information: FYI: I entered bug 55123 which is the same type of
problem but related to logging level.
Same here as with bug #55123. Fixed with iptables-1.2.4.
Created attachment 35162
Btw, also covered in bug #54280 with a longer patch which patches the IPv6
Note that "iptables-save" uses hex constants (0x10, for example) when writing
out /etc/sysconfig/iptables, so anyone who uses "service iptables save" with
--set-tos rules will run into this bug.
*** This bug has been marked as a duplicate of 54280 ***
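The behaviour this report expects, as an added example (not iptables source code and not part of the original bug thread): a parser that accepts each value from the help text as a descriptive name, a decimal number, or the hex form that "iptables-save" writes. The function name tos_from_arg, the case-insensitive name match and the leading-digit check are assumptions of this example.

```c
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <strings.h>

/* Name/value pairs exactly as listed in the TOS target help text. */
static const struct { const char *name; unsigned char value; } tos_names[] = {
    { "Minimize-Delay",       0x10 },
    { "Maximize-Throughput",  0x08 },
    { "Maximize-Reliability", 0x04 },
    { "Minimize-Cost",        0x02 },
    { "Normal-Service",       0x00 },
};
#define N_TOS (sizeof(tos_names) / sizeof(tos_names[0]))

/* Hypothetical helper: returns 0 and stores the TOS value on success,
 * -1 if arg is not one of the five listed values in any spelling. */
int tos_from_arg(const char *arg, unsigned char *out)
{
    char *end;
    unsigned long v;
    size_t i;

    if (arg == NULL || *arg == '\0')
        return -1;

    /* Descriptive form first (case-insensitive is this example's choice). */
    for (i = 0; i < N_TOS; i++)
        if (strcasecmp(arg, tos_names[i].name) == 0) {
            *out = tos_names[i].value;
            return 0;
        }

    /* Numeric form: require a leading digit so strtoul cannot accept
     * whitespace or a sign; base 0 takes decimal "16" and hex "0x10". */
    if (!isdigit((unsigned char)arg[0]))
        return -1;
    errno = 0;
    v = strtoul(arg, &end, 0);
    if (errno != 0 || *end != '\0')
        return -1;                      /* overflow or trailing junk */

    /* Only the five documented values are valid, whatever the spelling. */
    for (i = 0; i < N_TOS; i++)
        if (v == tos_names[i].value) {
            *out = tos_names[i].value;
            return 0;
        }
    return -1;
}
```

Because base 0 is used, an argument with a leading zero such as "010" is read as octal 8; a caller that wants only decimal and hex has to reject that form separately.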