bugzilla-daemon at netfilter.org
2013-Oct-03 02:11 UTC
[Bug 855] New: Can create user chains with names unparsable by iptables-restore
https://bugzilla.netfilter.org/show_bug.cgi?id=855
Summary: Can create user chains with names unparsable by
iptables-restore
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: Debian GNU/Linux
Status: NEW
Severity: minor
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: andrew at domaszek.com
Estimated Hours: 0.0
iptables allows the creation of user defined chains with whitespace or
unprintable characters which cannot be properly parsed by iptables-restore.
Steps to reproduce:
root at hephaestus:~# iptables -N $'bad\nchain.'
root at hephaestus:~# iptables-save
# Generated by iptables-save v1.4.14 on Wed Oct 2 21:57:39 2013
*filter
:INPUT ACCEPT [29:2180]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [15:1516]
:bad
chain. - [0:0]
COMMIT
# Completed on Wed Oct 2 21:57:39 2013
root at hephaestus:~# iptables-save > rulelist
root at hephaestus:~# iptables-restore < rulelist
iptables-restore v1.4.14: iptables-restore: line 6 policy invalid
Error occurred at line: 6
Try `iptables-restore -h' or 'iptables-restore --help' for more
information.
Also tested with gentoo iptables v1.4.16.3, with the same result.
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
bugzilla-daemon at netfilter.org
2013-Oct-21 20:30 UTC
[Bug 855] Can create user chains with names unparsable by iptables-restore
https://bugzilla.netfilter.org/show_bug.cgi?id=855
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |eric.bock.1980 at gmail.com
--- Comment #1 from Phil Oester <netfilter at linuxace.com> 2013-10-21
22:30:11 CEST ---
*** Bug 862 has been marked as a duplicate of this bug. ***
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
bugzilla-daemon at netfilter.org
2013-Nov-04 17:05 UTC
[Bug 855] Can create user chains with names unparsable by iptables-restore
https://bugzilla.netfilter.org/show_bug.cgi?id=855
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |netfilter at linuxace.com
Resolution| |FIXED
--- Comment #2 from Phil Oester <netfilter at linuxace.com> 2013-11-04
18:05:25 CET ---
This has been fixed in commit e0853f3c285 (iptables: improve chain name
validation). Closing.
--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Apparently Analagous Threads
- [Bug 847] New: Owner matching fails on listening socket
- [Bug 849] New: 172.245.13.X doesn't appear properly in output of iptables -L
- [Bug 864] New: Verbose output options rejected when modifying chains
- Unknown qdisc "htb", hence option "default" is unparsable
- Random seed problem in MCMC coupling of chains