similar to: [Bug 580] New: iptables-restore and iptables-save lack comparison of a saved ruleset against the currently deployed rules

https://bugzilla.netfilter.org/show_bug.cgi?id=580 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | --- Comment #4 from Jan Engelhardt <jengelh at

https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #6 from Jan Engelhardt <jengelh at medozas.de> 2013-06-24 20:32:22 CEST --- >Unclear how you can say with certainty that this is impossible Right now, tables are output in permutations that are considered to be random. (Sure there is module load order, but that is not documented, nor is it actually a usable assumption for

https://bugzilla.netfilter.org/show_bug.cgi?id=580 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jengelh at medozas.de |netfilter-buglog at lists.netf | |ilter.org -- Configure

https://bugzilla.netfilter.org/show_bug.cgi?id=580 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |netfilter at linuxace.com Resolution|

https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #5 from Phil Oester <netfilter at linuxace.com> 2013-06-24 20:07:02 CEST --- Unclear how you can say with certainty that this is impossible, but let's ignore that point for the moment. Is there some reason that iptables-save should do the sorting for userspace scripts? Another alternative would be to always load the

https://bugzilla.netfilter.org/show_bug.cgi?id=580 --- Comment #7 from Phil Oester <netfilter at linuxace.com> 2013-06-24 23:34:51 CEST --- > would you be thrilled if all the rules were in random order too? This comparison is a bit far fetched, given that ordering of rules is so important (accept before drop, etc). The order in which tables are output in iptables-save is largely

http://bugzilla.netfilter.org/show_bug.cgi?id=756 Summary: iptables: Memory allocation problem. Product: iptables Version: CVS (please indicate timestamp) Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org

http://bugzilla.netfilter.org/show_bug.cgi?id=713 Summary: CPPFLAGS are mishandled which breaks non-shared targets Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: unknown AssignedTo: netfilter-buglog at

http://bugzilla.netfilter.org/show_bug.cgi?id=616 Summary: Duplicate rules for multi-homed hostnames. IPv4 and IPv6 inconsistent treatment. Product: iptables Version: unspecified Platform: i386 OS/Version: All Status: NEW Severity: minor Priority: P4 Component: iptables

http://bugzilla.netfilter.org/show_bug.cgi?id=732 Summary: Iptables 1.4.11 or 1.4.12 does not compile on CentOS 5.6 Product: netfilter/iptables Version: linux-2.6.x Platform: x86_64 OS/Version: RedHat Linux Status: NEW Severity: critical Priority: P1 Component: ip_tables (kernel) AssignedTo:

http://bugzilla.netfilter.org/show_bug.cgi?id=720 Summary: iptables no longer compiles for Linux 2.4 because it uses linux/magic.h Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: major Priority: P3 Component: iptables AssignedTo:

http://bugzilla.netfilter.org/show_bug.cgi?id=706 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh at medozas.de --- Comment #1 from Jan Engelhardt <jengelh at medozas.de> 2011-03-03 14:20:30

http://bugzilla.netfilter.org/show_bug.cgi?id=727 Summary: Open your firewall by a simple typo Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:

http://bugzilla.netfilter.org/show_bug.cgi?id=718 Summary: New bugzilla account has no permissions to create bug for conntrack-tools Product: bugzilla Version: other Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: netfilter bugzilla AssignedTo:

http://bugzilla.netfilter.org/show_bug.cgi?id=707 Summary: Trivial SNAT manpage error Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:

http://bugzilla.netfilter.org/show_bug.cgi?id=724 Summary: Iptables doesn't delete rules matching if target is RATEEST - patch attached Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component: iptables

http://bugzilla.netfilter.org/show_bug.cgi?id=762 Summary: The lastest snapshot iptables compiled error"ERROR: ld.so: object 'libxtables.so.7' " Product: iptables Version: unspecified Platform: arm OS/Version: Ubuntu Status: NEW Severity: major Priority: P5 Component:

http://bugzilla.netfilter.org/show_bug.cgi?id=728 Summary: ip_tables: limit match: invalid size 40!=48 Product: netfilter/iptables Version: linux-2.6.x Platform: mips64 OS/Version: Debian GNU/Linux Status: NEW Severity: critical Priority: P2 Component: ip_tables (kernel) AssignedTo:

http://bugzilla.netfilter.org/show_bug.cgi?id=586 Summary: Problems changing the source address of a packet Product: libnetfilter_queue Version: unspecified Platform: All OS/Version: All Status: NEW Severity: blocker Priority: P1 Component: libnetfilter_queue AssignedTo: laforge at netfilter.org

http://bugzilla.netfilter.org/show_bug.cgi?id=723 Summary: extensions/libxt_NFLOG.man definines invalid range for - -nflog-group Product: iptables Version: CVS (please indicate timestamp) Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P5 Component: iptables