bugzilla-daemon at netfilter.org
2024-Apr-29 12:09 UTC
[Bug 1751] New: ip6tables-restore doesn't restore counters
https://bugzilla.netfilter.org/show_bug.cgi?id=1751
Bug ID: 1751
Summary: ip6tables-restore doesn't restore counters
Product: iptables
Version: 1.8.x
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: minor
Priority: P5
Component: iptables-restore
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: anton.khazan at gmail.com
Created attachment 742
--> https://bugzilla.netfilter.org/attachment.cgi?id=742&action=edit
shell script demonstrating the bug
To reproduce the issue:
ip6tables -X TEST_CNT 2>/dev/null
cat <<EOF | ip6tables-restore -c -n
*filter
:TEST_CNT - [0:0]
[1024:1024] -A TEST_CNT -m comment --comment test_cnt -j ACCEPT
COMMIT
EOF
# end of script
Expected output:
[1024:1024] -A TEST_CNT -m comment --comment test_cnt -j ACCEPT
Actual output:
[0:0] -A TEST_CNT -m comment --comment test_cnt -j ACCEPT
The issue only affects ip6tables-restore (iptables-restore does restore the
counters).
Tested on Linux Mint with nftables.
'ip6tables -V' output:
ip6tables v1.8.7 (nf_tables)
The issue is not happening with ip6tables-restore v1.6.0 on another Debian
system (no nftables installed).
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240429/1d7cd6b0/attachment.html>
bugzilla-daemon at netfilter.org
2024-Apr-29 12:20 UTC
[Bug 1751] ip6tables-restore doesn't restore counters
https://bugzilla.netfilter.org/show_bug.cgi?id=1751
anton.khazan at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |anton.khazan at gmail.com
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240429/7b0c41ca/attachment.html>
bugzilla-daemon at netfilter.org
2024-Apr-29 21:06 UTC
[Bug 1751] ip6tables-restore doesn't restore counters
https://bugzilla.netfilter.org/show_bug.cgi?id=1751 --- Comment #1 from anton.khazan at gmail.com --- Sorry, the description doesn't include the command which I'm using to check the resulting rule: ip6tables-save -c | grep test_cnt -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240429/e74532f5/attachment.html>
bugzilla-daemon at netfilter.org
2024-Apr-30 08:35 UTC
[Bug 1751] ip6tables-restore doesn't restore counters
https://bugzilla.netfilter.org/show_bug.cgi?id=1751
Phil Sutter <phil at nwl.cc> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |phil at nwl.cc
Resolution|--- |WORKSFORME
--- Comment #2 from Phil Sutter <phil at nwl.cc> ---
Should be fixed upstream by commit ed839159edf8b ("iptables: Fix setting of
ipv6 counters"). The first release containing it is v1.8.10, could you
please
try that version? v1.8.7 is three years old already. Feel free to reopen in
case you see this happening in a recent version.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240430/9c5db07e/attachment.html>
Apparently Analagous Threads
- [Bug 1735] New: Adding nftables interval sets progressively gets slower and makes the nft CLI less responsive with each added set
- [Bug 1751] New: ssh-add -s /usr/lib/opensc-pkcs11.so does not work
- Cisco 1751 setup with asterisk
- CEBA-2013:1751 CentOS 6 openssl Update
- [Bug 1186] New: ip6tables-restore not passing useful error messages from ip6tables