bugzilla-daemon at bugzilla.netfilter.org
2011-Apr-02 22:01 UTC
[Bug 712] New: iptables-save does not save correcly rateest bps parameter
http://bugzilla.netfilter.org/show_bug.cgi?id=712 Summary: iptables-save does not save correcly rateest bps parameter Product: iptables Version: unspecified Platform: x86_64 OS/Version: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: unknown AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy: emiliolazozaia at gmail.com Estimated Hours: 0.0 I have found something that may be a bug in iptables-save or in kernel 'rateest' code. If I do: # iptables -t mangle -A Balance -m conntrack --ctstate NEW -m rateest --rateest1 wan1meter --rateest-bps 1000kbit --rateest-bps1 1000kbit --rateest-gt --rateest2 wan2meter --rateest-delta -j CONNMARK --set-mark 1 its the corresponding line in iptables -L is: CONNMARK all -- anywhere anywhere ctstate NEW rateest match wan1meter delta bps 1000Kbit gt wan2meter delta bps 1000Kbit CONNMARK set 0x1 so it seems to be right, but the line in iptables-save is: -A Balance -m conntrack --ctstate NEW -m rateest --rateest1 wan1meter --rateest-bps --rateest-gt --rateest2 wan2meter -j CONNMARK --set-xmark 0x1/0xffffffff this seems to be wrong; after iptables-restore with the generated file, this iptables rule becames: CONNMARK all -- anywhere anywhere ctstate NEW rateest match wan1meter bps gt wan2meter bps CONNMARK set 0x1 there is neither bps value nor delta parameter, like the saved iptables rule. I guess the bug is in iptables-save and not in the kernel but really I don't know if the kernel honours these parameters. (iptables version 1.4.10, Debian kernel 2.6.38-2-amd64) -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2011-Jun-01 00:12 UTC
[Bug 712] iptables-save does not save correcly rateest bps parameter
http://bugzilla.netfilter.org/show_bug.cgi?id=712 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh at medozas.de AssignedTo|netfilter- |jengelh at medozas.de |buglog at lists.netfilter.org | -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2011-Jun-01 00:13 UTC
[Bug 712] iptables-save does not save correcly rateest bps parameter
http://bugzilla.netfilter.org/show_bug.cgi?id=712 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes.
Possibly Parallel Threads
- [Bug 712] iptables-save does not save correcly rateest bps parameter
- [Bug 724] New: Iptables doesn't delete rules matching if target is RATEEST - patch attached
- Plot command drops part of the plot for large plots in multiple figure environment
- hfsc and bps
- [ANNOUNCE] iptables 1.4.14 release