iptables.service has been split out to iptables-services-1.4.16.2-3.fc18 (with some reference to Bug 862922 - RFE: rework service packaging). That is probably ok now when we have firewalld. (It is however misleading that /etc/sysconfig/iptables-config is in iptables - it seems like it belongs in -services.) But AFAICS it is a critical problem that upgraded systems will get iptables-1.4.16.2-3.fc18.x86_64 without iptables.services and thus no longer get their firewall rules applied. That could compromise system security or availability. I would expect that some rpm magic was applied so systems upgraded from iptables < 18 also got iptables-services. I don't know if anaconda will handle this somehow, but it seems to me like it would be NTH.
iptables-1.4.16.2-4.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/iptables-1.4.16.2-4.fc18
http://pkgs.fedoraproject.org/cgit/iptables.git/commit/?id=dd96cc55858e1fbd66f07a9e383c49bd4e79c701 * Fri Nov 02 2012 Thomas Woerner <twoerner> 1.4.16.2-4 - fixed missing services for update of pre F-18 installations (rhbz#867960) - provide and obsolete old main package in services sub package - provide and obsolete old ipv6 sub package (pre F-17) in services sub package
Package iptables-1.4.16.2-4.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing iptables-1.4.16.2-4.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-17528/iptables-1.4.16.2-4.fc18 then log in and leave karma (feedback).
Package iptables-1.4.16.2-5.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing iptables-1.4.16.2-5.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-17528/iptables-1.4.16.2-5.fc18 then log in and leave karma (feedback).
This has been ON_QA for almost a month now, has anyone tested the fix to see if this has been fixed?
Looks fixed to me. I just tested a yum upgrade of a minimal F17 install to F18. iptables-services is installed after upgrade, 'systemctl status iptables.service' shows it successfully loaded during boot, and 'iptables -L' shows what looks like a working firewall config. Setting closed, as the update went stable long ago.