thr3ads.net - netfilter buglog - [Bug 570] New: iptables save saves broken rules for -m owner [Jan 2009]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at bugzilla.netfilter.org

2009-Jan-15 23:42 UTC

[Bug 570] New: iptables save saves broken rules for -m owner

http://bugzilla.netfilter.org/show_bug.cgi?id=570

           Summary: iptables save saves broken rules for -m owner
           Product: iptables
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P1
         Component: iptables-save
        AssignedTo: laforge at netfilter.org
        ReportedBy: bircoph at gmail.com


In iptables-1.4.2 iptables-save produce broken output for -m owner (space is
missing). Example:
[0:0] -A OUTPUT -o ! lo -m owner --uid-owner65534 -j nobody
instead of
[0:0] -A OUTPUT -o ! lo -m owner --uid-owner 65534 -j nobody

This leads to failures while restoring rules.


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

bugzilla-daemon at bugzilla.netfilter.org

2009-Jan-15 23:47 UTC

head link

[Bug 570] iptables save saves broken rules for -m owner

http://bugzilla.netfilter.org/show_bug.cgi?id=570





------- Comment #1 from bircoph at gmail.com  2009-01-16 00:47 -------
Due to internall bugzilla bugs I can't attach patch in a proper way.
So here it is:

--- iptables-1.4.2.orig/extensions/libxt_owner.c        2008-10-08
20:31:58.000000000 +0400
+++ iptables-1.4.2/extensions/libxt_owner.c     2009-01-16 02:00:18.000000000
+0300
@@ -324,7 +324,7 @@
                return;
        if (info->invert & flag)
                printf("! ");
-       printf(label);
+       printf("%s ",label);

        switch (info->match & flag) {
        case IPT_OWNER_UID:
@@ -375,7 +375,7 @@
                return;
        if (info->invert & flag)
                printf("! ");
-       printf(label);
+       printf("%s ",label);

        switch (info->match & flag) {
        case IP6T_OWNER_UID:


-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

bugzilla-daemon at bugzilla.netfilter.org

2009-Feb-11 10:35 UTC

head link

[Bug 570] iptables save saves broken rules for -m owner

http://bugzilla.netfilter.org/show_bug.cgi?id=570


laforge at netfilter.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         AssignedTo|laforge at netfilter.org       |kaber at trash.net




-- 
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the assignee for the bug, or are watching the assignee.

Reasonably Related Threads

Search for more reasonably related threads

netfilter buglog - Jan 2009 - [Bug 570] New: iptables save saves broken rules for -m owner

[Bug 570] New: iptables save saves broken rules for -m owner

[Bug 570] iptables save saves broken rules for -m owner

[Bug 570] iptables save saves broken rules for -m owner

Reasonably Related Threads