Red Hat Bugzilla – Bug 74518
iptables modules load even if no firewall used
Last modified: 2014-03-16 22:31:09 EDT
Description of Problem:
Due to the way ifup checks for firewall existence, it actually loads iptables
modules and they stay resident after bootup, even if the user chose no firewall
at install time:
# Is there a firewall running, and does it look like one we configured?
if iptables -L -n 2>/dev/null | grep -q RH-Lokkit-0-50-INPUT ; then
The iptables command above is what triggers the iptable_filter and ip_tables
modules to load:
[root@papp100 root]# lsmod
Module Size Used by Not tainted
iptable_filter 2412 0 (autoclean) (unused)
ip_tables 14936 1 [iptable_filter]
Version-Release number of selected component (if applicable): 6.95-1
How Reproducible: Every time.
Steps to Reproduce:
1. Boot the system
Actual Results: ip_tables and iptable_filter modules load even if user has no
Expected Results: Modules above shouldn't be loaded if there are no firewall
This could be confusing to users who chose "no firewall" yet see iptables
modules loaded when doing an lsmod.
Changed in 7.03-1.
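
One way to make the check described in this report without triggering the module autoload, as an added example (not code from initscripts and not necessarily the change made in 7.03-1). It assumes /proc/net/ip_tables_names exists only once ip_tables is loaded and is readable by the caller (root, as in ifup); the function name lokkit_firewall_active and its two optional arguments are hypothetical.

```shell
#!/bin/sh
# Added example: test for the Lokkit chain only when the kernel already has
# the filter table registered, so the check itself never loads ip_tables.

# lokkit_firewall_active [names_file] [list_cmd]   (hypothetical helper)
#   names_file: procfs list of registered tables (assumed standard path)
#   list_cmd:   command that lists the rules; overridable for offline testing
lokkit_firewall_active() {
    names_file=${1:-/proc/net/ip_tables_names}
    list_cmd=${2:-"iptables -L -n"}

    # File absent or unreadable: ip_tables is not loaded, so no rules can
    # exist. Return before running iptables, which would load the modules.
    [ -r "$names_file" ] || return 1

    # ip_tables may be loaded for another table (nat, mangle) only.
    grep -qx filter "$names_file" || return 1

    # Modules are already resident, so listing the rules changes nothing.
    $list_cmd 2>/dev/null | grep -q RH-Lokkit-0-50-INPUT
}

# Constructed demo: a stub stands in for iptables, so the kernel is untouched.
stub_list() { echo "Chain RH-Lokkit-0-50-INPUT (2 references)"; }
demo_dir=$(mktemp -d)
printf 'filter\n' > "$demo_dir/loaded"   # constructed: filter table registered
for f in "$demo_dir/missing" "$demo_dir/loaded"; do
    if lokkit_firewall_active "$f" stub_list; then
        echo "$f: Lokkit firewall active"
    else
        echo "$f: no firewall, list command not run"
    fi
done
rm -rf "$demo_dir"
```

On a host booted with no firewall, lsmod before and after calling the function with its defaults should show neither ip_tables nor iptable_filter.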