Your message dated Mon, 25 May 2020 05:48:30 +0000 with message-id <[email protected]> and subject line Bug#958671: fixed in firehol 3.1.6+ds-10 has caused the Debian Bug report #958671, regarding firehol-common: Lack of version dependency on iptables caused problems with legacy to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 958671: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958671 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: firehol-common Version: 3.1.6+ds-8 Severity: important Dear Maintainer, * What led up to the situation? I recently upgraded my firewall from stretch to buster. For the first time, I did an apt-get upgrade before apt-get dist-upgrade, I usually just do the latter. This broke the system. * What exactly did you do (or not do) that was effective (or ineffective)? When restarting firehol, it complained that it could not find iptables-legacy etc. * What was the outcome of this action? Firehol didn't start. * What outcome did you expect instead? Firehol should have started after upgrade. This is my interpretation of the problem and the solution: iptables-legacy is found by running /usr/lib/firehol/install.config, where it is now coded. Since my iptables package was still the old one, because I ran the upgrade with upgrade and not dist-upgrade, no iptables-legacy was present, just the iptables command. When that failed, IPTABLES_CMD was not set, and therefore, nothing could run firehol and therefore set the iptables rules. My initial reaction was to change the IPTABLES_CMD, but that was the wrong solution, I should have upgraded the iptables package too. When I did that, things started to work again. I didn't think much about it, but now I figured this is a problem with the Debian package. If the Debian package had declared a version dependency to the version where the iptables-legacy was present, this would not have happened. Thus, it seems to me like an important bug that can be fixed in Debian by declaring which version iptables-legacy first appeared. -- System Information: Debian Release: 10.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages firehol-common depends on: ii iprange 1.0.4+ds-2 ii iproute2 4.20.0-2 ii ipset 6.38-1.2 ii iptables 1.8.2-4 ii iputils-ping 3:20180629-2 ii kmod 26-1 ii lsb-base 10.2019051400 ii nfacct 1.0.2-2 ii procps 2:3.3.15-2 ii tcpdump 4.9.3-1~deb10u1 ii traceroute 1:2.1.0-2 Versions of packages firehol-common recommends: ii firehol 3.1.6+ds-8 ii fireqos 3.1.6+ds-8 ii less 487-0.1+b1 firehol-common suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: firehol Source-Version: 3.1.6+ds-10 Done: Jerome Benoit <[email protected]> We believe that the bug you reported is fixed in the latest version of firehol, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jerome Benoit <[email protected]> (supplier of updated firehol package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 08 May 2020 16:16:21 +0000 Source: firehol Architecture: source Version: 3.1.6+ds-10 Distribution: unstable Urgency: medium Maintainer: Jerome Benoit <[email protected]> Changed-By: Jerome Benoit <[email protected]> Closes: 935640 944022 958671 Changes: firehol (3.1.6+ds-10) unstable; urgency=medium . * Debianization: WIP - debian/control: - Depends/Recommends/Suggests fields: - firehol, append version for iptables (Closes: #958671); - firehol-tools, improve; - debian/*.REAME.Debian: - d/firehol.README.Debian, update (Closes: #935640); - debian/patches: - d/p/debianization-source-etc_default.patch , introduce (Closes: #944022); - debian/upstream/metadat, introduce; - debian/changelog, correct. Checksums-Sha1: a0c8473a7e23baf7037d92b8c54053ec2a7e4c58 3189 firehol_3.1.6+ds-10.dsc 000d8e540d6ec7cc633f6e1a08a02832b9c861aa 23356 firehol_3.1.6+ds-10.debian.tar.xz 7e1e4d5006722085870eafbe52bd3cae44dc9da9 6162 firehol_3.1.6+ds-10_source.buildinfo Checksums-Sha256: d9653c85b66341995945c39306bbaf0493fd3c19b28a7247fe53f5b7fbf2cf9e 3189 firehol_3.1.6+ds-10.dsc 35fe1bece06b2b73d6f33c4c938d392bbebe10ba9f714501965e7ea89b36b8cc 23356 firehol_3.1.6+ds-10.debian.tar.xz 194a5b979c6b1298886daad81beb4ff39161dc8813aa6c278f0652ffb67811ff 6162 firehol_3.1.6+ds-10_source.buildinfo Files: 63b33507774bc5841946dba9fe252037 3189 net optional firehol_3.1.6+ds-10.dsc 8053caff9fe1fdac5ee7b8132c3ac6f9 23356 net optional firehol_3.1.6+ds-10.debian.tar.xz a6137b765191fd35241ace64d7ef1a18 6162 net optional firehol_3.1.6+ds-10_source.buildinfo -----BEGIN PGP SIGNATURE----- iQRJBAEBCgAzFiEEriiuFXEN/x2H5adiP5IZpn82xosFAl61hnAVHGNhbGN1bHVz QHJlem96ZXIubmV0AAoJED+SGaZ/NsaL2/ggAMuuc0C685v0An5JU+D9vl/SduhC JSOUZbLOksC3LJT/Wz03JIT0wRarysgE3hh8GFM3AUtRIZZ2QGCZf4mq2Zp2RLbh TSAyfHZqNz2qKlYP3TZgsv5DwcSRMiK8CZ/xbEDM89B2F9KVVItJ+GOAPmHsP1Jy 2PrTLz+I0zb+tFb4g9nnALxrMX1AuSMCjCXEgQ4YfHS+IdZctpWb6IAEEGgMpOWu WhOkdYcA0DM3FbD5fi/HZpeAQzHcRP5DSOqkFL68gAZCUZ8Quio8CnPuAKXGnuWr YGInCNidDpNT5Hak1y4s5flSWJpk4d/mqZNNMyNmKzm7STfdkbwpZF9VHGOx+k6y Vk7dL4Z4PDRSTvrXpbMmCw/fRG8i+4Mexz9T5dbY/vtJYto1gcACBV/JjDoXTnXz g42Nca8GD70fns3Yo63WqCZrpmA53lDjG9iZJTQ1rFWVXE1g4LO7NGAgNVau4Zqh glYAMIV2TSY/YmyfScdQ1wTUtP312yfHA/rMSyQXQESHtR+Oc5+eSaBleYBveoPR DYNuQC58e2YbPUXYlY13Z1Wnl5lCe4KhnlGsPyyGzcsWNIEalaOTJQTfmuRX3etJ ltXKwGZVOrykUMN1qDkD1/W1beNQMHZFWAPWPiszq1b5T2sdTqREf15pJtYYMFHg Armr3XBaBDoAoXotxUxyiWdUU2D1kS4ZEHF/gTMIUrvhWQdiUTcRw/GbV3yoewUE yH/RChJYiQJ5l7BH/AMfvOenEZfl4+hYIddmXjNNYSOGwII5lFePyRXSY5IbKNOG dPyowZxhqw/qTat5ld0pi+jUvrI4Mjves9YvCZHhKm3EarzAWCFPdJSu6su/m6WU D5s168hhTDUynnA+igTj3pc/larTPYB8Jdmz4P0MRGYOgyuSPTCC/nDozM0A5tMN X8V/fC7H7LBvMA/hyBeu2q5tcRWPvm2WiVxTuJdGLvM9lyKT0HeiVCP0nQl2KUF5 5a/GeJA3sIXum155UI0UNdUKMhMiJSlePwB6E0eLMS3iPq6ZD5mX4qbayd/8bc7q 8L2Til2n/xCX2IqvywcULKONNo8XBrZflMonW+Vx9x+4nUGqlPPyemYUJkSPSTop LNhu9sxhioxQD6y9/qjBeigefe1iemUaaT6/Ov/98P/cFvEcqWatHvur7csQISlU zk90Tjfzlnjx0Tn19IN94dWgiGuB+qbyIeKuGzaih4DAA49i0AcrFdZ7dzIi9GNM uODsbVY0alYgiuF2rOfmFmyzub2VH1XqkjTkAFkLQMgcyM86dKurjyFoQnQyHCbS n23LUS6M7NwuCoL0/HkyRthdGU3SvNDzaAOXuLkcv6S4KqHK2uNhE41e1+A= =003e -----END PGP SIGNATURE-----
--- End Message ---
