iptables 1.2.6a bug

Sun, 14 Apr 2002 08:10:32 -0700 

I upgraded from 1.2.5 to 1.2.6a and my firewall script crashes
on some iptables calls:

Loading iptables firewall:
Checking configuration...passed
Checking IP Forwarding...enabled.
Checking IP SynCookies...support not found, but that's OK.
Flush: INPUT OUTPUT1 FORWARD PREROUTING1 OUTPUT2 POSTROUTING iptables:
libiptc/libip4tc.c:384: do_check: Assertion `h->info.valid_hooks == (1 << 0
| 1 << 3)' failed.
/usr/local/bin/firewall: line 125:  2854 Aborted                 (core
dumped) ${IPTABLES} -t mangle -F PREROUTING
PREROUTING2 iptables: libiptc/libip4tc.c:384: do_check: Assertion
`h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
/usr/local/bin/firewall: line 127:  2855 Aborted                 (core
dumped) ${IPTABLES} -t mangle -F OUTPUT
OUTPUT3
Creating chains: INETIN INETOUT DMZIN DMZOUT TCPACCEPT UDPACCEPT LDROP
LREJECT TREJECT LTREJECT
Default Policies: INPUT:ACCEPT OUTPUT:ACCEPT FORWARD:DROP
Local Traffic Rules: 10.0.0.0/8:ACCEPT
Setting up masquerading: 10.0.0.0/8:MASQUERADE
Setting up INET chains: INETIN INETOUT
Setting up drop chains chains: LDROP LREJECT TREJECT LTREJECT
Setting up per-proto ACCEPT: TCPACCEPT UDPACCEPT
TREJECTing invalid packets...done
Flood limiting: ICMP-PING
Allowing the rest of the ICMP messages in...done
TCP Input Allow: 22 80 113 15890
UDP Input Allow: 6112 6119 4000
Accounting for SSH...SSH1

Allowing established outbound connections back in...done
Optimizing traffic: iptables: libiptc/libip4tc.c:384: do_check: Assertion
`h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
/usr/local/bin/firewall: line 486:  2966 Aborted                 (core
dumped) ${IPTABLES} -t mangle -A OUTPUT -p tcp --dport 23 -j TOS --set-tos
Minimize-Delay
telnet iptables: libiptc/libip4tc.c:384: do_check: Assertion
`h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
/usr/local/bin/firewall: line 486:  2967 Aborted                 (core
dumped) ${IPTABLES} -t mangle -A OUTPUT -p tcp --dport 22 -j TOS --set-tos
Minimize-Delay
ssh iptables: libiptc/libip4tc.c:384: do_check: Assertion
`h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
/usr/local/bin/firewall: line 486:  2968 Aborted                 (core
dumped) ${IPTABLES} -t mangle -A OUTPUT -p tcp --dport 20 -j TOS --set-tos
Minimize-Cost
ftp-dataiptables: libiptc/libip4tc.c:384: do_check: Assertion
`h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
/usr/local/bin/firewall: line 486:  2969 Aborted                 (core
dumped) ${IPTABLES} -t mangle -A OUTPUT -p tcp --dport 21 -j TOS --set-tos
Minimize-Delay
ftp-controliptables: libiptc/libip4tc.c:384: do_check: Assertion
`h->info.valid_hooks == (1 << 0 | 1 << 3)' failed.
/usr/local/bin/firewall: line 486:  2970 Aborted                 (core
dumped) ${IPTABLES} -t mangle -A OUTPUT -p udp --dport 4000:7000 -j
TOS --set-tos Minimize-Delay
diablo2
Setting up INET policies: INETIN:TREJECT INETOUT:ACCEPT
Done loading the firewall!

Andreas

    ---------------------------------------------------------------------
   -    Andreas Jung                            Zope Corporation       -
  -   EMail: [EMAIL PROTECTED]                http://www.zope.com      -
 -  "Python Powered"                       http://www.python.org     -
  -   "Makers of Zope"                       http://www.zope.org      -
   -            "Life is too short to (re)write parsers"               -
    ---------------------------------------------------------------------

Reply via email to