Displaying 20 results from an estimated 4000 matches similar to: "[Bug 874] New: Any conntrack conditions specified with --ctstate INVALID are not checked"
2013 Nov 23
1
[Bug 873] New: iptables -I CHAIN -m conntrack ! --ctproto 0 is intended to produce an error message, but it doesn't (usually)
https://bugzilla.netfilter.org/show_bug.cgi?id=873
Summary: iptables -I CHAIN -m conntrack ! --ctproto 0 is
intended to produce an error message, but it doesn't
(usually)
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority:
2013 Nov 23
2
[Bug 875] New: iptables -m conntrack --ctstatus NONE, EXPECTED is not consistent with --ctstatus SEEN_REPLY,EXPECTED
https://bugzilla.netfilter.org/show_bug.cgi?id=875
Summary: iptables -m conntrack --ctstatus NONE,EXPECTED is not
consistent with --ctstatus SEEN_REPLY,EXPECTED
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: iptables
2024 Mar 24
0
[Bug 874] Any conntrack conditions specified with --ctstate INVALID are not checked
https://bugzilla.netfilter.org/show_bug.cgi?id=874
Fabio <pedretti.fabio at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
CC| |pedretti.fabio at gmail.com
Resolution|FIXED
2024 Mar 27
0
[Bug 874] Any conntrack conditions specified with --ctstate INVALID are not checked
https://bugzilla.netfilter.org/show_bug.cgi?id=874
--- Comment #4 from Phil Sutter <phil at nwl.cc> ---
(In reply to Fabio from comment #3)
> Reopening, it looks like 2e704f6ddd6d0 fixed 873, not 874.
Oh, right! Thanks for spotting.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2013 Dec 24
3
[Bug 882] New: The conntrack-tools archive contains some leftovers from a patch run
https://bugzilla.netfilter.org/show_bug.cgi?id=882
Summary: The conntrack-tools archive contains some leftovers
from a patch run
Product: conntrack-tools
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: trivial
Priority: P5
Component: conntrack-daemon
2013 Jun 02
6
[Bug 826] New: libiptc/libip6tc.h doesn't specify C linkage
https://bugzilla.netfilter.org/show_bug.cgi?id=826
Summary: libiptc/libip6tc.h doesn't specify C linkage
Product: iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P5
Component: libiptc
AssignedTo: netfilter-buglog at lists.netfilter.org
2020 Apr 18
4
[Bug 1423] New: iptables-translate silently discards --ctstate DNAT
https://bugzilla.netfilter.org/show_bug.cgi?id=1423
Bug ID: 1423
Summary: iptables-translate silently discards --ctstate DNAT
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: iptables over nftable
2013 Sep 11
8
[Bug 851] New: IPv6 SNAT target with --random doesn't work
https://bugzilla.netfilter.org/show_bug.cgi?id=851
Summary: IPv6 SNAT target with --random doesn't work
Product: netfilter/iptables
Version: unspecified
Platform: x86_64
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: NAT
AssignedTo: netfilter-buglog at lists.netfilter.org
2013 Mar 20
2
netfilter+libvirt=(smth got broken?)
Hello,
I'm having problem setting up filtering traffic for a virtual machine
managed by libvirt. Strange thing is, such a setup has been working fine
for me on an older version of distro (namely, opensuse 11.3 w/updates,
kernel 2.6.34, libvirt 0.8.8) but refused to work on shiny new opensuse
12.4 (kernel 3.7.10, libvirt 1.0.2).
The definition of filter in question is pretty simple:
2013 Aug 06
3
[Bug 839] New: SNAT66 does not work for bidirectional UDP
https://bugzilla.netfilter.org/show_bug.cgi?id=839
Summary: SNAT66 does not work for bidirectional UDP
Product: netfilter/iptables
Version: unspecified
Platform: x86_64
OS/Version: Gentoo
Status: NEW
Severity: normal
Priority: P5
Component: NAT
AssignedTo: netfilter-buglog at lists.netfilter.org
2013 May 23
0
[Bug 792] nf_conntrack keep updating incorrect entry in conntrack table after default routing changed
https://bugzilla.netfilter.org/show_bug.cgi?id=792
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
CC| |netfilter at linuxace.com
Resolution|
2019 Sep 02
2
Problem to access from Win to Win after classicupdate to Samba DC 4.10.7
Il giorno lun, 02/09/2019 alle 08.26 +0100, Rowland penny via samba ha
scritto:
> > set 01 22:36:56 s-addc.studiomosca.net named[639]: samba_dlz:
> > cancelling transaction on zone studiomosca.net
>
> That is showing that a client isn't being allowed to update a record.
Is it possible to cure it in some way?
> > [2] ----[smb.conf]
> >
> Please do not post
2013 May 14
8
[Bug 820] New: Quotas not limiting the exact specified limit
https://bugzilla.netfilter.org/show_bug.cgi?id=820
Summary: Quotas not limiting the exact specified limit
Product: netfilter/iptables
Version: linux-2.6.x
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: critical
Priority: P5
Component: unknown
AssignedTo: netfilter-buglog at
2013 Jun 20
0
[Bug 696] Extra tcp options for REJECT --reject-with tcp-reset-both / tcp-reset-destination
https://bugzilla.netfilter.org/show_bug.cgi?id=696
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |netfilter at linuxace.com
--- Comment #2 from Phil Oester <netfilter at linuxace.com> 2013-06-20
2013 Oct 13
2
[Bug 858] New: Some address cannot be blocked
https://bugzilla.netfilter.org/show_bug.cgi?id=858
Summary: Some address cannot be blocked
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: blocker
Priority: P1
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy:
2013 May 22
6
[Bug 823] New: IPv6 NAT memory leaking
https://bugzilla.netfilter.org/show_bug.cgi?id=823
Summary: IPv6 NAT memory leaking
Product: netfilter/iptables
Version: unspecified
Platform: x86_64
OS/Version: other
Status: NEW
Severity: critical
Priority: P5
Component: ip6_tables (kernel)
AssignedTo: netfilter-buglog at lists.netfilter.org
2013 Nov 28
3
[Bug 877] New: nftables - Set - define core dumps
https://bugzilla.netfilter.org/show_bug.cgi?id=877
Summary: nftables - Set - define core dumps
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: Ubuntu
Status: NEW
Severity: major
Priority: P5
Component: nft
AssignedTo: pablo at netfilter.org
ReportedBy: anandrm at
2017 Jun 26
0
Accepting RELATED, ESTABLISHED (TCP) connections into VM using Network Filters
Hi,
Over the past few days I've been trying to get a prototype working of a stateful firewall for a Virtual Machine using Libvirt's network filters.
My goal is to replace the current custom Python/Java code in the Apache CloudStack [0] project by Network Filters of Libvirt.
Both IPv4 and IPv6 should work, but I started off with IPv4 and I have issues with accepting back
2019 Apr 24
0
Iptables blocks out going connetion some times
On Wed, 24 Apr 2019 at 06:01, likun <kun.li at ucarinc.com> wrote:
> Hi?guys.
>
> There is a wierd problem with iptables recently, hopes somebody can help
> me.
>
> I have installed Centos 7.2.1511 on a bare metal Dell server these days,
> disabled firewalld and enabled iptables.services, and setup a group of very
> simple rules, as the following:
>
>
I believe
2013 Sep 10
4
[Bug 850] New: DNAT applied even after deleting the IP Tables DNAT Rule
https://bugzilla.netfilter.org/show_bug.cgi?id=850
Summary: DNAT applied even after deleting the IP Tables DNAT
Rule
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at