Bug 82860 - /etc/init.d/ip6tables mistakenly refers to ipv4 iptables /proc files?
/etc/init.d/ip6tables mistakenly refers to ipv4 iptables /proc files?
Product: Red Hat Linux
Classification: Retired
Component: iptables (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Thomas Woerner
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2003-01-27 15:47 EST by Need Real Name
Modified: 2007-04-18 12:50 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-07-03 05:34:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2003-01-27 15:47:45 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2) Gecko/20021202

Description of problem:
Line 54 in /etc/init.d/ip6tables refers to /proc/net/ip_tables_names to clear
out existing defined chains. Surely this should be /proc/net/ip6_tables_names? 
This generates an error when the internal chains for the different IP versions

Also the security guide, section "ip6tables" at:


says that "IPChains and IPTables services must be turned off to use the
IP6Tables service". This doesn't appear to be true for this IPV6 newbie: the two
operate independently.

If I'm misunderstanding the inter-relationship between iptables in IPV4 and IPV6
my apologies.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Set up different new user-defined chains in iptables for IPV4
2. service ip6tables start
3. See errors about non-existent tables for IPV6

Actual Results:  Flushing all current rules and user defined chains:        [  OK  ]
Clearing all current rules and user defined chains:        [  OK  ]
ip6tables v1.2.5: can't initialize ip6tables table `nat': Table does not exist
(do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Expected Results:  Flushing all current rules and user defined chains:        [
 OK  ]
Clearing all current rules and user defined chains:        [  OK  ]
Applying ip6tables firewall rules:                         [  OK  ]
                                                           [  OK  ]

Additional info:
Comment 1 Michael Schwendt 2003-02-01 16:38:00 EST
1. Yes, should be /proc/net/ip6_tables_names.

2. You are right, IPv4 and IPv6 iptables can co-exist.

But the second bug report is about a documentation issue and hence should be
reported about "Component: rhl-sg" (Red Hat Linux Security Guide).
Comment 2 Thomas Woerner 2003-07-03 05:34:20 EDT
Fixed in the new 1.2.8-4.x version. This version has a new startup script and an
additional config file.

> # Additional iptables modules (nat helper)
> # Default: -empty-
> #IPTABLES_MODULES="ip_nat_ftp"
> # Save current firewall rules on stop.
> # Value: yes|no,  default: no
> # Save current firewall rules on restart.
> # Value: yes|no,  default: no
> # Save rule counter.
> # Value: yes|no,  default: yes
> # Numeric status output
> # Value: yes|no,  default: no

RPM packages for 7.x:

RPM packages for 8.0:

RPM packages for 9:

Note You need to log in before you can comment on or make changes to this bug.