[Bug 520] New: iptables-save put a invalid entry in file (module
ipt_icmp)
bugzilla-daemon at bugzilla.netfilter.org
Fri Sep 29 16:18:48 CEST 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=520
Summary: iptables-save put a invalid entry in file (module
ipt_icmp)
Product: iptables
Version: 1.3.5
Platform: i386
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: iptables-save
AssignedTo: laforge at netfilter.org
ReportedBy: vinicius at america-net.com.br
CC: vinicius at america-net.com.br
The bug occurs when I have one icmp rule without icmp-type.
Tested from iptables 1.2.9 to 1.3.5; all these versions have the same problem.
I add the rule:
$ iptables -A INPUT -p icmp -j ACCEPT
So, I do the following command to save my rules:
$ iptables-save > /etc/iptables.rules
On the next reboot, my firewall script tries to restore the firewall rules:
$ iptables-restore < /etc/iptables.rules
The last command returns:
Bad argument `any'
Try `iptables -h' or 'iptables --help' for more information.
It occurs because iptables-save writes this line:
-A INPUT -m icmp -p icmp any -j ACCEPT
"any" is not a valid libipt_icmp option.
The line saved would be:
-A INPUT -m icmp -p icmp --icmp-type any -j ACCEPT
Regards
Vinicius M. de Souza
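The following is an added example, not part of the original report or of iptables: a pre-restore check that finds the malformed icmp rule quoted above in a saved dump and can rewrite it to the form the report gives. The helper names `icmp_any` and `sample_dump` are hypothetical, and the sample dump is constructed around the one line quoted in the report.

```shell
#!/bin/sh
# Added example, not from the bug report: lint or repair an iptables-save
# dump that contains the malformed icmp rule described in this report.
#
# icmp_any MODE < dump   (hypothetical helper name)
#   lint: print "line N: <rule>" for each bad rule; exit status 1 if any
#   fix : print the dump with "--icmp-type" inserted before the bare "any"
icmp_any() {
    awk -v mode="$1" '
    /^-A / && / -m icmp / {
        n = split($0, tok, " "); out = ""; inq = 0; hit = 0
        for (i = 1; i <= n; i++) {
            t = tok[i]
            # bare "any": outside quotes and not the argument of an option
            if (t == "any" && !inq && i > 1 && tok[i-1] !~ /^-/) {
                t = "--icmp-type any"; hit = 1
            }
            # track double-quoted strings (e.g. --comment "..."), ignoring \"
            s = tok[i]; gsub(/\\"/, "", s)
            if (gsub(/"/, "&", s) % 2) inq = !inq
            out = out (i > 1 ? " " : "") t
        }
        if (hit) { bad++; if (mode == "lint") print "line " NR ": " $0 }
        if (mode == "fix") print (hit ? out : $0)
        next
    }
    mode == "fix" { print }
    END { if (mode == "lint" && bad) exit 1 }'
}

# Constructed sample dump; line 4 is the rule quoted in the report.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m icmp -p icmp any -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
COMMIT
EOF
}

# Demo: print the repaired dump.
sample_dump | icmp_any fix
```

Running the lint right after `iptables-save` surfaces the bad line at save time instead of at the next reboot, when a failed restore would leave the saved rules unloaded.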