Your message dated Fri, 13 Sep 2019 18:10:12 +0000 with message-id <[email protected]> and subject line Bug#932196: fixed in iptables-persistent 1.0.14 has caused the Debian Bug report #932196, regarding Load legacy iptables module 'iptable_filter' on nftables system to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 932196: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932196 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Subject: Load legacy iptables module 'iptable_filter' on nftables system Package: netfilter-persistent Version: 1.0.11 Severity: minor File: /usr/sbin/netfilter-persistent Dear Maintainer, When using 'netfilter-persistent save' to dump rules on disk, the kernel module 'iptable_filter' is loaded. But this is for the 'legacy' iptables. On Debian 10, they now use the 'nft' flavor. This has the side effect to add a warning to each following 'iptables' command we type, adding at the end: # Warning: iptables-legacy tables present, use iptables-legacy to see them on stderr. The corresponding code is in /usr/share/netfilter-persistent/plugins.d/15-ip4tables modprobe -b -q iptable_filter || true You can test by typing: iptables -L # no warning modprobe -b -q iptable_filter iptables -L # warning at the end I think you can check for nft loaded modules before trying to load the iptable_filter, or at least check if /proc/net/ip_tables_names file already exists. If yes, no need to load the module. Best regards, -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (990, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages netfilter-persistent depends on: ii lsb-base 10.2019051400 netfilter-persistent recommends no packages. Versions of packages netfilter-persistent suggests: ii iptables-persistent 1.0.11 -- no debconf information
--- End Message ---
--- Begin Message ---Source: iptables-persistent Source-Version: 1.0.14 We believe that the bug you reported is fixed in the latest version of iptables-persistent, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. gustavo panizzo <[email protected]> (supplier of updated iptables-persistent package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 13 Sep 2019 19:16:28 +0200 Source: iptables-persistent Architecture: source Version: 1.0.14 Distribution: unstable Urgency: medium Maintainer: gustavo panizzo <[email protected]> Changed-By: gustavo panizzo <[email protected]> Closes: 932196 Changes: iptables-persistent (1.0.14) unstable; urgency=medium . * [401a9f] No longer load modules. Thanks to Jérémie LEGRAND (Closes: 932196) * [933938] Implement a new logic to flush firewall rules * [824486] Add variable Pre-Depends as required by init-system-helpers and debhelper 12 * [3ed371] Run wrap-and-sort Checksums-Sha1: f48c4031af76d2de0b3264455fd893ff13f0925a 1911 iptables-persistent_1.0.14.dsc 0bd21c789e76ccc4cf22b71fdda5aef06bd66fdd 16268 iptables-persistent_1.0.14.tar.xz Checksums-Sha256: 5f4f5214a8d0a1c2cfdf63cd46f41f2c21c2e6c111ebcc2ffbe1066a710cfba0 1911 iptables-persistent_1.0.14.dsc 8c0e44aa9c74071bd75661f37f398f8a44f2e1e82282480f038e2778e9e23fda 16268 iptables-persistent_1.0.14.tar.xz Files: 446fe44f96a056a69bff6ab66e0d3145 1911 admin optional iptables-persistent_1.0.14.dsc 325467b6cefc5ce942444890c53ec8a7 16268 admin optional iptables-persistent_1.0.14.tar.xz -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEEDixTvDtPMx04S0bghpRR/E7siM4FAl170eQRHGdmYUB6dW1i aS5jb20uYXIACgkQhpRR/E7siM556Q//YMomT+0Q/38L+uMbcnK8GTLJNUu3UC/h M32zOXKaJ4fbarkjWRxzIl5BMgzsucFJfUcuul3uHLOq+9K7DRGyTuQbedCaEBO+ M09QrhAVjnFxq4R13A7+2NMp+o5QXpmrmEXJ8u9S+UZG3+sxxyDv020bShukjTQY h6FIpMPZBcimT0kcfOO52faiQQQjdgScBnm57WarYyyAk/Hq4br5OVdY51xoJXGG XwPZ0+x7Y3WbDFSUn2iVUTmenXcxbJXQYM6yHwRec18IPGP0AHeigfJ1kldKQi7W BB17WtrrXvzboRbxEs/ceyAgleBSh29vOBsWfbRYRMzpsfavZm56vaW8mtAmbqOP P9N4h11Fy9mdea8RYi5DkDbmR+pS+8+vC6q8jBrF5dZkPFc2oPgr+m17kNKkpbuK tHRuUFySk7ss+Ikqx5ZGW5TDhwl8HtpxG09w6sm3+Et7pP8OHYJFN+CehzNBJFHa nYPkj23wdCauGC6gNrcVH2spvOWYGzoUs7QjXuoKAP7FygAUdxglk6vHpPqU2mO/ +Pucm2c4afzW6ejacvQ286HA+oA6/6sCMe8VNpfUt+V7/+3nWKchWptnX3RHjpZo SYvhyOAtMEG9WlmkdEbUAqdUmhRd9XY6rDV8SvAIkJ7OUEN5wuTZVSLFneqpgv58 WBiBpIt42j8= =ZAty -----END PGP SIGNATURE-----
--- End Message ---
