Displaying 20 results from an estimated 10000 matches similar to: "[Bug 1143] New: physdev extension not working"
2010 Sep 16
0
Bug#571634: xen-utils-common: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING
I recently encountered this in the logs of a new Debian Xen Dom0, and
having now spent the better part of a day researching and testing, I've
come to the conclusion that this is not a bug in xen-utils-common or
even iptables; it's merely the consequence of structural changes to the
core netfilter code starting in the 2.6.20 kernel.
This is rather long, but the issue is complicated. Please
2014 Oct 29
1
[Bug 985] New: iptables-save cannot display devgroup rule the right way?
https://bugzilla.netfilter.org/show_bug.cgi?id=985
Bug ID: 985
Summary: iptables-save cannot display devgroup rule the right
way?
Product: iptables
Version: 1.4.x
Hardware: x86_64
OS: other
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables
2010 Mar 23
0
Bug#571634: [xen-utils-common] using --physdev-out in the OUTPUT, FORWARD and POSTROUTING
Package: xen-utils-common
Version: 3.4.2-3
--- Please enter the report below this line. ---
After several tests and many hours of investigation I found out that
this is not a bug.
The iptables rules that triggers the message is found in
/etc/xen/scripts/vif-common.sh [1], but as the syslog message clearly
indicates this rule works perfectly when the traffic is bridged.
Moreover, those rules are
2011 Sep 27
3
[Bug 751] New: IPv6 bridging bug
http://bugzilla.netfilter.org/show_bug.cgi?id=751
Summary: IPv6 bridging bug
Product: iptables
Version: unspecified
Platform: x86_64
OS/Version: Gentoo
Status: NEW
Severity: normal
Priority: P3
Component: ip6tables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: david at
2010 Feb 26
1
Bug#571634: xen-utils-common - using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic
Package: xen-utils-common
Version: 3.4.2-2
Severity: important
The network setup uses not longer supported iptables operations:
| physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore.
--
Those who hate and fight must stop themselves -- otherwise it is not stopped.
-- Spock, "Day of the Dove", stardate
2013 Mar 05
0
[Bug 812] New: addrtype with limit-iface-in in ip6tables/nat/PREROUTING messes up the route cache
http://bugzilla.netfilter.org/show_bug.cgi?id=812
Summary: addrtype with limit-iface-in in
ip6tables/nat/PREROUTING messes up the route cache
Product: netfilter/iptables
Version: unspecified
Platform: x86_64
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: ip6_tables
2018 Feb 15
2
[Bug 1227] New: Current conntrack state isn't considered when evaluating multiple SNAT rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1227
Bug ID: 1227
Summary: Current conntrack state isn't considered when
evaluating multiple SNAT rules
Product: netfilter/iptables
Version: unspecified
Hardware: All
OS: other
Status: NEW
Severity: enhancement
Priority: P5
2017 Jul 08
3
[Bug 1161] New: The lock problem causes the iptables return with exit code 0 without adding my rules to kernel.
https://bugzilla.netfilter.org/show_bug.cgi?id=1161
Bug ID: 1161
Summary: The lock problem causes the iptables return with exit
code 0 without adding my rules to kernel.
Product: iptables
Version: unspecified
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: enhancement
2017 Aug 07
3
[Bug 1166] New: negated rule and rule with mistyped interface name looks identical in non-verbose iptables output
https://bugzilla.netfilter.org/show_bug.cgi?id=1166
Bug ID: 1166
Summary: negated rule and rule with mistyped interface name
looks identical in non-verbose iptables output
Product: iptables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: enhancement
2016 Dec 09
4
[Bug 1101] New: SET target unreliable in iptables - add does not work as expected
https://bugzilla.netfilter.org/show_bug.cgi?id=1101
Bug ID: 1101
Summary: SET target unreliable in iptables - add does not work
as expected
Product: netfilter/iptables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
2011 Sep 06
2
[Bug 747] New: IPtables marked packets not being inpsected in NAT table.
http://bugzilla.netfilter.org/show_bug.cgi?id=747
Summary: IPtables marked packets not being inpsected in NAT
table.
Product: iptables
Version: CVS (please indicate timestamp)
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P3
Component: iptables
AssignedTo:
2004 Jun 06
4
iptables v1.2.7a: Couldn''t load match `physdev'':/lib/iptables/libipt_physdev.so: cannot open shared object file: No such file or directory
Hi, I''m running RH9 Linux and I''m having a slight problem with shorewall, i originally set it up as a two card configuration, but i have now bridged the connections in an attempt to get my WiFi network communicating with the wired network (eth0 and wlan0). I have followed the instructions for bridging from http://www.shorewall.net/bridge.html but when I activate shorewall i get
2013 Jan 29
2
[Bug 808] New: Wrong packet and byte counters when using DROP/REJECT targets and UDP protocol match
http://bugzilla.netfilter.org/show_bug.cgi?id=808
Summary: Wrong packet and byte counters when using DROP/REJECT
targets and UDP protocol match
Product: iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables
2019 Apr 17
1
Full mail
Hello,
I am getting strange messages on logs and I cannot find any reason. Could
someone point me on what's wrong with my dovecot configuration?
~# dovecot -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.9.0-8-amd64 x86_64 Debian 9 ext4
~# grep 'full mail' //var/log/dovecot.log
Apr 16 19:25:43 imap(phaoost at
2013 Nov 23
2
[Bug 875] New: iptables -m conntrack --ctstatus NONE, EXPECTED is not consistent with --ctstatus SEEN_REPLY,EXPECTED
https://bugzilla.netfilter.org/show_bug.cgi?id=875
Summary: iptables -m conntrack --ctstatus NONE,EXPECTED is not
consistent with --ctstatus SEEN_REPLY,EXPECTED
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: iptables
2011 Jul 24
4
[Bug 729] New: iptables + ipset rules apply but nothing go to the chain
http://bugzilla.netfilter.org/show_bug.cgi?id=729
Summary: iptables + ipset rules apply but nothing go to the chain
Product: iptables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: critical
Priority: P2
Component: iptables
AssignedTo: netfilter-buglog at
2006 Dec 30
1
Accumulating Physdev Counts
When using v2 we would modify the saved /var/lib/shorewall/restore file to
modify logging so we had separate counts by the physical device the
packets (actually, NEW connections, not total packet counts), such as:
-A LogStuff -j LOG etc
-A LogStuff -m physdev --physdev-in eth1 -j DROP
-A LogStuff -m physdev --physdev-in eth2 -j DROP
which gave us an idea where dropped traffic cam from
2006 Dec 28
4
filter policy drop and allow transparent proxy
Trying to use the policy drop rule with the bridged firewall, when I
removed the first line the transparent proxy works great? It seems a
bit strange as from reading several articles on it I thought the
following occurs.
1st line - if it doest match it gets dropped on the local filter input.
2nd line - redirects the traffic off the link layer into the network
layer ready for line 3.
3rd line -
2010 Jan 14
1
Fonts installed but reported as missing
Hi,
I am getting the trouble, the .net 2.0 application reports verdana font is missing though it is installed:
~$ ll ~/.wine/drive_c/windows/Fonts/Verdana*
-rw-r--r-- 1 phaoost phaoost 136032 2010-01-15 00:16 /home/phaoost/.wine/drive_c/windows/Fonts/Verdanab.TTF
-rw-r--r-- 1 phaoost phaoost 154264 2010-01-15 00:16 /home/phaoost/.wine/drive_c/windows/Fonts/Verdanai.TTF
-rw-r--r-- 1 phaoost
2006 Dec 14
5
blocking traffic on the FORWARD chain using physdev
Currently using physdev on a bridge to try and isolate certain paths
across and to the bridge. It all works except when trying to stop the
flow in one direction on the FORWARD chain?? Can someone please help??
Below is the testing done so far.
eth1 <---> BRIDGE <---> eth0
# Block (eth0 ---> eth1) - blocks both directions and not just one??
iptables -A FORWARD -m physdev