similar to: [Bug 790] Normalize iptables rules

Displaying 20 results from an estimated 20000 matches similar to: "[Bug 790] Normalize iptables rules"

2013 Jun 24
0
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790 --- Comment #6 from Phil Oester <netfilter at linuxace.com> 2013-06-24 16:13:49 CEST --- Since your script produces the output of ipt1, just make sure you use the same order as iptables-save does. Iptables-save will always output args in the same order. The bug appears to be in the output you are creating, which is beyond our control. --
2013 Jun 24
0
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790 --- Comment #5 from Andor <tothandor at gmail.com> 2013-06-24 11:34:44 CEST --- ipt1 is an output of a firewall script mainly edited by hand, where parameters order may vary. ipt2 is the output of iptables-save, where parameters are strictly ordered. As written before, the difference in parameter order spoils the comparison of two
2013 Jun 28
0
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790 --- Comment #8 from Phil Oester <netfilter at linuxace.com> 2013-06-28 17:45:18 CEST --- Have you considered setting up a different network namespace to achieve this? For instance: ip netns add test ip netns exec test iptables-restore < /tmp/ipts ip netns exec test iptables-save This would seem to achieve the results you are looking
2013 Jun 24
0
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|
2013 May 30
0
[Bug 773] iptables performance limits on # of rules using ipset
https://bugzilla.netfilter.org/show_bug.cgi?id=773 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC|jengelh at medozas.de |netfilter at linuxace.com Resolution|
2013 May 23
0
[Bug 536] C++ compilation failure when using the iptables header files
https://bugzilla.netfilter.org/show_bug.cgi?id=536 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|
2013 May 29
0
[Bug 756] iptables: Memory allocation problem.
https://bugzilla.netfilter.org/show_bug.cgi?id=756 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter at linuxace.com --- Comment #2 from Phil Oester <netfilter at linuxace.com> 2013-05-29
2013 Jun 11
0
[Bug 325] Parallel execution of the iptables is impossible.
https://bugzilla.netfilter.org/show_bug.cgi?id=325 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|
2013 Jun 11
0
[Bug 758] Retry iptables command on transient failure
https://bugzilla.netfilter.org/show_bug.cgi?id=758 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|
2013 Jul 26
0
[Bug 679] iptables-xml missing <match> in first <conditions> node
https://bugzilla.netfilter.org/show_bug.cgi?id=679 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|
2013 Jun 21
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter at linuxace.com --- Comment #3 from Phil Oester <netfilter at linuxace.com> 2013-06-21
2013 Aug 27
0
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jengelh at medozas.de |netfilter-buglog at lists.netf | |ilter.org -- Configure
2013 Jun 10
0
[Bug 599] netfilter/iptables leaking traffic when long chains are defined
https://bugzilla.netfilter.org/show_bug.cgi?id=599 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME --- Comment #5 from Phil Oester
2013 May 20
0
[Bug 325] Parallel execution of the iptables is impossible.
https://bugzilla.netfilter.org/show_bug.cgi?id=325 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sworddragon2 at aol.com --- Comment #7 from Phil Oester <netfilter at linuxace.com> 2013-05-20 22:35:01
2013 Jun 10
0
[Bug 756] iptables: Memory allocation problem.
https://bugzilla.netfilter.org/show_bug.cgi?id=756 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME --- Comment #3 from Phil Oester
2013 Jul 09
0
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |WONTFIX --- Comment #10 from Phil Oester
2013 Jun 24
0
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #5 from Phil Oester <netfilter at linuxace.com> 2013-06-24 20:07:02 CEST --- Unclear how you can say with certainty that this is impossible, but let's ignore that point for the moment. Is there some reason that iptables-save should do the sorting for userspace scripts? Another alternative would be to always load the
2013 Jun 24
0
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #7 from Phil Oester <netfilter at linuxace.com> 2013-06-24 23:34:51 CEST --- > would you be thrilled if all the rules were in random order too? This comparison is a bit far fetched, given that ordering of rules is so important (accept before drop, etc). The order in which tables are output in iptables-save is largely
2013 Aug 27
0
[Bug 630] Enhancement: Allow rules to specify ICMP type ranges.
https://bugzilla.netfilter.org/show_bug.cgi?id=630 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter at linuxace.com AssignedTo|pablo at netfilter.org |netfilter-buglog at lists.netf
2013 May 24
2
[Bug 591] NAT REDIRECT target does not always work
https://bugzilla.netfilter.org/show_bug.cgi?id=591 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter at linuxace.com --- Comment #3 from Phil Oester <netfilter at linuxace.com> 2013-05-24