[Bug 805] osf iptables[-save] errors
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sun Mar 24 11:36:50 CET 2013
http://bugzilla.netfilter.org/show_bug.cgi?id=805
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |pablo at netfilter.org
Resolution| |FIXED
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> 2013-03-24 11:36:49 CET ---
> iptables -[L|S] and iptables-save seem to miss the --ttl and --log options.
> Therefore on restore, those settings get omitted.
http://patchwork.ozlabs.org/patch/230423/
> interpolated negation is not used, thus restore with iptables-save fails.
http://patchwork.ozlabs.org/patch/230424/
> Loading a ruleset, that uses the osf match, with iptables-save, without having
> the fingerprints loaded with nfnl_osf, results in an unspecified error at the
> very last COMMIT line. Giving no clue about the reason for the error.
This is not easy to fix, iptables error reporting is quited limitef. You will
have to make sure that nfnl_osf is always called before iptables-restore.
> Two mutual exclusive rules like:
> -m osf --genre Windows
> -m osf ! --genre Windows
http://patchwork.ozlabs.org/patch/230425/
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the netfilter-buglog
mailing list