[Bug 562] Rule gets implicitly eliminated ("optimized away") --> But that's not ok --> A Logic Bug

bugzilla-daemon at bugzilla.netfilter.org
Tue Nov 25 16:26:02 CET 2008


http://bugzilla.netfilter.org/show_bug.cgi?id=562


kernel at linuxace.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kernel at linuxace.com
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID




------- Comment #1 from kernel at linuxace.com  2008-11-25 16:26 -------
>   # BUG: if "-p tcp" is left out or if instead "-p all" is used then the rule gets eliminated!
>  /sbin/iptables -A INPUT -p tcp --dport 139 --match recent --name WATCHLIST --set -j DROP

Yes, because that is an invalid rule without "-p tcp", since you are including
"--dport 139".

Please ask your question about this on the netfilter user mailing list, as
there is nothing wrong with iptables here, only your rules.  


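The check below is an added example, not part of the bug report or of iptables: a small shell lint that flags rule lines using `--dport`/`--sport` without `-p` naming a protocol that has ports, the condition the comment above calls invalid. The function names, the protocol list and the sample ruleset are assumptions constructed for illustration.

```shell
# Added example: flag iptables lines using --dport/--sport without a port protocol.
# Assumption: protocols (names and numbers) whose match accepts port options.
PORT_PROTOS="tcp udp udplite sctp dccp 6 17"

# check_rule ARGS: return 1 if a port option appears without -p naming one of PORT_PROTOS.
check_rule() {
    proto="" uses_port=0
    set -f; set -- $1; set +f            # split on whitespace, no globbing
    while [ $# -gt 0 ]; do
        case "$1" in
            -p|--protocol) shift; proto=$(printf '%s' "${1:-}" | tr 'A-Z' 'a-z') ;;
            --dport|--destination-port|--sport|--source-port) uses_port=1 ;;
        esac
        [ $# -gt 0 ] && shift
    done
    [ "$uses_port" -eq 0 ] && return 0   # no port option, nothing to check
    for p in $PORT_PROTOS; do [ "$proto" = "$p" ] && return 0; done
    return 1
}

# lint_ruleset: read a firewall script on stdin, print each rejected line, return 1 if any.
lint_ruleset() {
    bad=0
    while IFS= read -r line; do
        trimmed=${line#"${line%%[! ]*}"}  # drop leading spaces
        case "$trimmed" in
            ''|\#*) continue ;;           # blank line or comment
            *"iptables "*) ;;
            *) continue ;;                # not an iptables invocation
        esac
        if ! check_rule "${trimmed#*iptables }"; then
            printf 'port option without -p tcp/udp: %s\n' "$trimmed"
            bad=1
        fi
    done
    return "$bad"
}

# Constructed sample: the rule quoted above plus the two variants the report mentions.
sample_ruleset() {
    cat <<'EOF'
/sbin/iptables -A INPUT -p tcp --dport 139 --match recent --name WATCHLIST --set -j DROP
/sbin/iptables -A INPUT --dport 139 --match recent --name WATCHLIST --set -j DROP
/sbin/iptables -A INPUT -p all --dport 139 --match recent --name WATCHLIST --set -j DROP
EOF
}
sample_ruleset | lint_ruleset || true
```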


