Your message dated Sun, 10 Jan 2010 22:02:32 +0000
with message-id <[email protected]>
and subject line Bug#553036: fixed in arno-iptables-firewall 1.9.2.h-1
has caused the Debian Bug report #553036,
regarding arno-iptables-firewall: iptables complains while starting firewall:
Bad rule (does a matching rule exist in that chain?)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
553036: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553036
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: arno-iptables-firewall
Version: 1.9.2.d-1
Severity: normal
Per your recommendations/directions installed the beast... configuration was to
be managed by debconf, resultatant debconf.conf is:
DC_EXT_IF="eth0 wlan0"
DC_EXT_IF_DHCP_IP=1
DC_OPEN_TCP="11110"
DC_OPEN_UDP=""
DC_INT_IF=""
DC_NAT=0
DC_INTERNAL_NET=""
DC_NAT_INTERNAL_NET=""
DC_OPEN_ICMP=1
it pukes at
+ unset IFS
+ unset IFS
+ '[' 0 -eq 0 ']'
+ iptables -D EXT_INPUT_CHAIN -m conntrack --ctstate DNAT -j ACCEPT
++ trace /sbin/iptables -D EXT_INPUT_CHAIN -m conntrack --ctstate DNAT -j ACCEPT
+ result='++ '\''['\'' -n '\'''\'' '\'']'\''
++ /sbin/iptables -D EXT_INPUT_CHAIN -m conntrack --ctstate DNAT -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?).'
+ retval=1
+ '[' 1 '!=' 0 ']'
+ printf '\033[40m\033[1;31m(1) ++ '\''['\'' -n '\'''\'' '\'']'\''
++ /sbin/iptables -D EXT_INPUT_CHAIN -m conntrack --ctstate DNAT -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?).\033[0m\n'
(1) ++ '[' -n '' ']'
++ /sbin/iptables -D EXT_INPUT_CHAIN -m conntrack --ctstate DNAT -j ACCEPT
iptables: Bad rule (does a matching rule exist in that chain?).
+ note_iptables_error -D EXT_INPUT_CHAIN -m conntrack --ctstate DNAT -j ACCEPT
+ unset IFS
+ for arg in '$*'
+ '[' -D = -A ']'
+ '[' -D = -I ']'
+ for arg in '$*'
+ '[' EXT_INPUT_CHAIN = -A ']'
+ '[' EXT_INPUT_CHAIN = -I ']'
+ for arg in '$*'
+ '[' -m = -A ']'
iptables rules otherwise seems to be ok
at this moment I am connected to eth0 and ifconfig is:
eth0 Link encap:Ethernet HWaddr 00:24:7e:15:78:19
inet addr:129.170.31.123 Bcast:129.170.31.255 Mask:255.255.254.0
inet6 addr: fe80::224:7eff:fe15:7819/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1928795 errors:0 dropped:0 overruns:0 frame:0
TX packets:1195840 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:431294620 (411.3 MiB) TX bytes:473536704 (451.5 MiB)
Memory:f0600000-f0620000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:894905 errors:0 dropped:0 overruns:0 frame:0
TX packets:894905 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:604682570 (576.6 MiB) TX bytes:604682570 (576.6 MiB)
teredo Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet6 addr: fe80::ffff:ffff:ffff/64 Scope:Link
inet6 addr: 2001:0:53aa:64c:1880:46d5:7e55:e093/32 Scope:Global
UP POINTOPOINT RUNNING NOARP MTU:1280 Metric:1
RX packets:123 errors:0 dropped:0 overruns:0 frame:0
TX packets:156 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:94152 (91.9 KiB) TX bytes:21012 (20.5 KiB)
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (901, 'unstable'), (900, 'testing'), (300, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.31.2-rt13-1-amd64 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages arno-iptables-firewall depends on:
ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy
ii gawk 1:3.1.6.dfsg-3 GNU awk, a pattern scanning and pr
ii iptables 1.4.4-2 administration tools for packet fi
Versions of packages arno-iptables-firewall recommends:
ii dnsutils 1:9.6.1.dfsg.P1-3 Clients provided with BIND
ii iproute 20090324-1 networking and traffic control too
ii lynx 2.8.7pre1-1 Text-mode WWW Browser (transitiona
arno-iptables-firewall suggests no packages.
-- debconf-show failed
--- End Message ---
--- Begin Message ---
Source: arno-iptables-firewall
Source-Version: 1.9.2.h-1
We believe that the bug you reported is fixed in the latest version of
arno-iptables-firewall, which is due to be installed in the Debian FTP archive:
arno-iptables-firewall_1.9.2.h-1.diff.gz
to main/a/arno-iptables-firewall/arno-iptables-firewall_1.9.2.h-1.diff.gz
arno-iptables-firewall_1.9.2.h-1.dsc
to main/a/arno-iptables-firewall/arno-iptables-firewall_1.9.2.h-1.dsc
arno-iptables-firewall_1.9.2.h-1_all.deb
to main/a/arno-iptables-firewall/arno-iptables-firewall_1.9.2.h-1_all.deb
arno-iptables-firewall_1.9.2.h.orig.tar.gz
to main/a/arno-iptables-firewall/arno-iptables-firewall_1.9.2.h.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Hanke <[email protected]> (supplier of updated
arno-iptables-firewall package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 10 Jan 2010 16:46:32 -0500
Source: arno-iptables-firewall
Binary: arno-iptables-firewall
Architecture: source all
Version: 1.9.2.h-1
Distribution: unstable
Urgency: low
Maintainer: Michael Hanke <[email protected]>
Changed-By: Michael Hanke <[email protected]>
Description:
arno-iptables-firewall - single- and multi-homed firewall script with DSL/ADSL
support
Closes: 550222 553036
Changes:
arno-iptables-firewall (1.9.2.h-1) unstable; urgency=low
.
* New upstream release (Closes: #550222, #553036).
* Unify dependency-based boot-order and old-style update-rc.d, to be similar
to shorewall's behavior.
* Add lintian override. The init script does handle 'stop', but it is
shadowed by an if-clause. The 'else' branch handles 'stop' as well.
Checksums-Sha1:
2730a769d5f630a567cf8b06eefc0fbf800b8949 1296
arno-iptables-firewall_1.9.2.h-1.dsc
c2e027462b3b3eaa461439e7281a9fbc4b91ec4a 100810
arno-iptables-firewall_1.9.2.h.orig.tar.gz
b7c6511cbd1bb8097e08cb18ea6f526d40703dab 44013
arno-iptables-firewall_1.9.2.h-1.diff.gz
9dde9760a9b95cd167b9dadd63f8125fd0e46c6e 127186
arno-iptables-firewall_1.9.2.h-1_all.deb
Checksums-Sha256:
a12d157113c859652c22d5d06c19bbd3cba1504000cc8ee8174abc2158ce429f 1296
arno-iptables-firewall_1.9.2.h-1.dsc
b12b52afd0831d25fe61ec7a33403a05e0bf30751d3f21844bed9d464cdbd063 100810
arno-iptables-firewall_1.9.2.h.orig.tar.gz
734aa51847b4e60ab7f9d4da65046750dbbc46f94ba8d9d01b7dd017c6d510c6 44013
arno-iptables-firewall_1.9.2.h-1.diff.gz
f95b748a9898af60a76468c256fc59d6c2761d142b7507ff335448c5ede80bca 127186
arno-iptables-firewall_1.9.2.h-1_all.deb
Files:
402ae00ef3a3b2a5335cd2f7ca7357eb 1296 net optional
arno-iptables-firewall_1.9.2.h-1.dsc
50cc2456e9e9d5f877236f60b846b0b4 100810 net optional
arno-iptables-firewall_1.9.2.h.orig.tar.gz
e8d624d3d5dbca47cc297f43dce9b31e 44013 net optional
arno-iptables-firewall_1.9.2.h-1.diff.gz
4a09bcf358db3ca8ac088e2c2c1416c5 127186 net optional
arno-iptables-firewall_1.9.2.h-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAktKTGkACgkQ93+NsjFEvg8mlwCgiOh8aMPf7IdU/QvIPn9Aqsgh
fMoAni+TxutyW2Yxsn2g0GaS044BdlJN
=Crif
-----END PGP SIGNATURE-----
--- End Message ---
