Bug 76356 - unclean module matches udp packets without chksum as being invalid
unclean module matches udp packets without chksum as being invalid
Product: Red Hat Linux
Classification: Retired
Component: iptables (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2002-10-20 15:45 EDT by Need Real Name
Modified: 2007-04-18 12:47 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-08-16 12:11:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2002-10-20 15:45:23 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 

Description of problem:
the iptables that comes with all versions of RH (including 8.0) has a problem 
with the unclean module : unclean matches all udp packets that don't have the 
chksum field as being invalid (and from rfc... udp packets do NOT need to have 
the chksum)

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.set the iptables to log and drop all unclean packets
2.try to connect to wwws.sun.com (you can try to browse www.sun.com->downloads)

Actual Results:  connection will timeout and in the logs you will see several 
lines that states that iptables droped several upd packets with chksum zero 

Expected Results:  to be able to connect to wwws.sun.com

Additional info:

there are several fixes for this bug, including that the team that created 
iptables released a patch
Comment 1 Thomas Woerner 2004-08-16 12:11:08 EDT
Please verify this with a newer version of Red Hat Enterprise Linux or
Fedora Core and reopen it against the new version if it still occurs.

Closing as "not a bug" for now.

Note You need to log in before you can comment on or make changes to this bug.