Displaying 20 results from an estimated 20000 matches similar to: "[Bug 790] Normalize iptables rules"
2013 Jun 20
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #4 from Phil Oester <netfilter at linuxace.com> 2013-06-20
2013 Jun 24
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790
--- Comment #6 from Phil Oester <netfilter at linuxace.com> 2013-06-24 16:13:49 CEST ---
Since your script produces the output of ipt1, just make sure you use the same
order as iptables-save does. Iptables-save will always output args in the same
order. The bug appears to be in the output you are creating, which is beyond
our control.
2013 Jul 01
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790
--- Comment #10 from Andor <tothandor at gmail.com> 2013-07-01 16:28:29 CEST ---
Pitily netns appeared only after 3.0.
2013 Jun 24
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |netfilter at linuxace.com
Resolution|
2013 May 30
[Bug 773] iptables performance limits on # of rules using ipset
https://bugzilla.netfilter.org/show_bug.cgi?id=773
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC|jengelh at medozas.de |netfilter at linuxace.com
Resolution|
2013 Aug 27
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|jengelh at medozas.de |netfilter-buglog at lists.netfilter.org
2013 May 23
[Bug 536] C++ compilation failure when using the iptables header files
https://bugzilla.netfilter.org/show_bug.cgi?id=536
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |netfilter at linuxace.com
Resolution|
2013 May 29
[Bug 756] iptables: Memory allocation problem.
https://bugzilla.netfilter.org/show_bug.cgi?id=756
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #2 from Phil Oester <netfilter at linuxace.com> 2013-05-29
2013 Jun 11
[Bug 325] Parallel execution of the iptables is impossible.
https://bugzilla.netfilter.org/show_bug.cgi?id=325
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |netfilter at linuxace.com
Resolution|
2013 Jun 11
[Bug 758] Retry iptables command on transient failure
https://bugzilla.netfilter.org/show_bug.cgi?id=758
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |netfilter at linuxace.com
Resolution|
2013 Jul 26
[Bug 679] iptables-xml missing <match> in first <conditions> node
https://bugzilla.netfilter.org/show_bug.cgi?id=679
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |netfilter at linuxace.com
Resolution|
2013 Jun 21
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #3 from Phil Oester <netfilter at linuxace.com> 2013-06-21
2013 Jun 10
[Bug 599] netfilter/iptables leaking traffic when long chains are defined
https://bugzilla.netfilter.org/show_bug.cgi?id=599
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
--- Comment #5 from Phil Oester
2013 Jun 24
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580
--- Comment #5 from Phil Oester <netfilter at linuxace.com> 2013-06-24 20:07:02 CEST ---
Unclear how you can say with certainty that this is impossible, but let's
ignore that point for the moment.
Is there some reason that iptables-save should do the sorting for userspace
scripts? Another alternative would be to always load the
2013 Jun 24
[Bug 580] iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules
https://bugzilla.netfilter.org/show_bug.cgi?id=580
--- Comment #7 from Phil Oester <netfilter at linuxace.com> 2013-06-24 23:34:51 CEST ---
> would you be thrilled if all the rules were in random order too?
This comparison is a bit far fetched, given that ordering of rules is so
important (accept before drop, etc). The order in which tables are output in
iptables-save is largely
2013 May 20
[Bug 325] Parallel execution of the iptables is impossible.
https://bugzilla.netfilter.org/show_bug.cgi?id=325
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sworddragon2 at aol.com
--- Comment #7 from Phil Oester <netfilter at linuxace.com> 2013-05-20 22:35:01
2013 Jun 10
[Bug 756] iptables: Memory allocation problem.
https://bugzilla.netfilter.org/show_bug.cgi?id=756
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WORKSFORME
--- Comment #3 from Phil Oester
2013 Jul 09
[Bug 616] Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment.
https://bugzilla.netfilter.org/show_bug.cgi?id=616
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution| |WONTFIX
--- Comment #10 from Phil Oester
2013 Jul 01
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790
Andor <tothandor at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |INVALID
--- Comment #9 from Andor <tothandor at
2013 Jun 24
[Bug 790] Normalize iptables rules
https://bugzilla.netfilter.org/show_bug.cgi?id=790
--- Comment #5 from Andor <tothandor at gmail.com> 2013-06-24 11:34:44 CEST ---
ipt1 is an output of a firewall script mainly edited by hand, where parameters
order may vary.
ipt2 is the output of iptables-save, where parameters are strictly ordered.
As written before, the difference in parameter order spoils the comparison of
two