similar to: [Bug 1143] New: physdev extension not working

Displaying 20 results from an estimated 10000 matches similar to: "[Bug 1143] New: physdev extension not working"

2010 Sep 16
0
Bug#571634: xen-utils-common: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING
I recently encountered this in the logs of a new Debian Xen Dom0, and having now spent the better part of a day researching and testing, I've come to the conclusion that this is not a bug in xen-utils-common or even iptables; it's merely the consequence of structural changes to the core netfilter code starting in the 2.6.20 kernel. This is rather long, but the issue is complicated. Please
2014 Oct 29
1
[Bug 985] New: iptables-save cannot display devgroup rule the right way?
https://bugzilla.netfilter.org/show_bug.cgi?id=985 Bug ID: 985 Summary: iptables-save cannot display devgroup rule the right way? Product: iptables Version: 1.4.x Hardware: x86_64 OS: other Status: NEW Severity: enhancement Priority: P5 Component: iptables
2010 Mar 23
0
Bug#571634: [xen-utils-common] using --physdev-out in the OUTPUT, FORWARD and POSTROUTING
Package: xen-utils-common Version: 3.4.2-3 --- Please enter the report below this line. --- After several tests and many hours of investigation I found out that this is not a bug. The iptables rules that triggers the message is found in /etc/xen/scripts/vif-common.sh [1], but as the syslog message clearly indicates this rule works perfectly when the traffic is bridged. Moreover, those rules are
2011 Sep 27
3
[Bug 751] New: IPv6 bridging bug
http://bugzilla.netfilter.org/show_bug.cgi?id=751 Summary: IPv6 bridging bug Product: iptables Version: unspecified Platform: x86_64 OS/Version: Gentoo Status: NEW Severity: normal Priority: P3 Component: ip6tables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy: david at
2010 Feb 26
1
Bug#571634: xen-utils-common - using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic
Package: xen-utils-common Version: 3.4.2-2 Severity: important The network setup uses not longer supported iptables operations: | physdev match: using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for non-bridged traffic is not supported anymore. -- Those who hate and fight must stop themselves -- otherwise it is not stopped. -- Spock, "Day of the Dove", stardate
2013 Mar 05
0
[Bug 812] New: addrtype with limit-iface-in in ip6tables/nat/PREROUTING messes up the route cache
http://bugzilla.netfilter.org/show_bug.cgi?id=812 Summary: addrtype with limit-iface-in in ip6tables/nat/PREROUTING messes up the route cache Product: netfilter/iptables Version: unspecified Platform: x86_64 OS/Version: All Status: NEW Severity: major Priority: P5 Component: ip6_tables
2018 Feb 15
2
[Bug 1227] New: Current conntrack state isn't considered when evaluating multiple SNAT rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1227 Bug ID: 1227 Summary: Current conntrack state isn't considered when evaluating multiple SNAT rules Product: netfilter/iptables Version: unspecified Hardware: All OS: other Status: NEW Severity: enhancement Priority: P5
2017 Jul 08
3
[Bug 1161] New: The lock problem causes the iptables return with exit code 0 without adding my rules to kernel.
https://bugzilla.netfilter.org/show_bug.cgi?id=1161 Bug ID: 1161 Summary: The lock problem causes the iptables return with exit code 0 without adding my rules to kernel. Product: iptables Version: unspecified Hardware: x86_64 OS: Ubuntu Status: NEW Severity: enhancement
2017 Aug 07
3
[Bug 1166] New: negated rule and rule with mistyped interface name looks identical in non-verbose iptables output
https://bugzilla.netfilter.org/show_bug.cgi?id=1166 Bug ID: 1166 Summary: negated rule and rule with mistyped interface name looks identical in non-verbose iptables output Product: iptables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement
2016 Dec 09
4
[Bug 1101] New: SET target unreliable in iptables - add does not work as expected
https://bugzilla.netfilter.org/show_bug.cgi?id=1101 Bug ID: 1101 Summary: SET target unreliable in iptables - add does not work as expected Product: netfilter/iptables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5
2011 Sep 06
2
[Bug 747] New: IPtables marked packets not being inpsected in NAT table.
http://bugzilla.netfilter.org/show_bug.cgi?id=747 Summary: IPtables marked packets not being inpsected in NAT table. Product: iptables Version: CVS (please indicate timestamp) Platform: All OS/Version: All Status: NEW Severity: major Priority: P3 Component: iptables AssignedTo:
2004 Jun 06
4
iptables v1.2.7a: Couldn''t load match `physdev'':/lib/iptables/libipt_physdev.so: cannot open shared object file: No such file or directory
Hi, I''m running RH9 Linux and I''m having a slight problem with shorewall, i originally set it up as a two card configuration, but i have now bridged the connections in an attempt to get my WiFi network communicating with the wired network (eth0 and wlan0). I have followed the instructions for bridging from http://www.shorewall.net/bridge.html but when I activate shorewall i get
2013 Jan 29
2
[Bug 808] New: Wrong packet and byte counters when using DROP/REJECT targets and UDP protocol match
http://bugzilla.netfilter.org/show_bug.cgi?id=808 Summary: Wrong packet and byte counters when using DROP/REJECT targets and UDP protocol match Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: iptables
2019 Apr 17
1
Full mail
Hello, I am getting strange messages on logs and I cannot find any reason. Could someone point me on what's wrong with my dovecot configuration? ~# dovecot -n # 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.4 () # OS: Linux 4.9.0-8-amd64 x86_64 Debian 9 ext4 ~# grep 'full mail' //var/log/dovecot.log Apr 16 19:25:43 imap(phaoost at
2013 Nov 23
2
[Bug 875] New: iptables -m conntrack --ctstatus NONE, EXPECTED is not consistent with --ctstatus SEEN_REPLY,EXPECTED
https://bugzilla.netfilter.org/show_bug.cgi?id=875 Summary: iptables -m conntrack --ctstatus NONE,EXPECTED is not consistent with --ctstatus SEEN_REPLY,EXPECTED Product: iptables Version: 1.4.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: iptables
2011 Jul 24
4
[Bug 729] New: iptables + ipset rules apply but nothing go to the chain
http://bugzilla.netfilter.org/show_bug.cgi?id=729 Summary: iptables + ipset rules apply but nothing go to the chain Product: iptables Version: unspecified Platform: x86_64 OS/Version: Debian GNU/Linux Status: NEW Severity: critical Priority: P2 Component: iptables AssignedTo: netfilter-buglog at
2006 Dec 30
1
Accumulating Physdev Counts
When using v2 we would modify the saved /var/lib/shorewall/restore file to modify logging so we had separate counts by the physical device the packets (actually, NEW connections, not total packet counts), such as: -A LogStuff -j LOG etc -A LogStuff -m physdev --physdev-in eth1 -j DROP -A LogStuff -m physdev --physdev-in eth2 -j DROP which gave us an idea where dropped traffic cam from
2006 Dec 28
4
filter policy drop and allow transparent proxy
Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -
2010 Jan 14
1
Fonts installed but reported as missing
Hi, I am getting the trouble, the .net 2.0 application reports verdana font is missing though it is installed: ~$ ll ~/.wine/drive_c/windows/Fonts/Verdana* -rw-r--r-- 1 phaoost phaoost 136032 2010-01-15 00:16 /home/phaoost/.wine/drive_c/windows/Fonts/Verdanab.TTF -rw-r--r-- 1 phaoost phaoost 154264 2010-01-15 00:16 /home/phaoost/.wine/drive_c/windows/Fonts/Verdanai.TTF -rw-r--r-- 1 phaoost
2006 Dec 14
5
blocking traffic on the FORWARD chain using physdev
Currently using physdev on a bridge to try and isolate certain paths across and to the bridge. It all works except when trying to stop the flow in one direction on the FORWARD chain?? Can someone please help?? Below is the testing done so far. eth1 <---> BRIDGE <---> eth0 # Block (eth0 ---> eth1) - blocks both directions and not just one?? iptables -A FORWARD -m physdev