Bug#1063844: iptables-persistent: In the flush_rules() function for IPv4 and IPv6, write a message when user-defined chains are found.

2024-02-13 Thread Gabor Zsoldos 
Package: iptables-persistent
Version: 1.0.20
Severity: normal

Dear Maintainer,

When using user-defined chains in iptables, the netfilter-persistent flush 
command will write a message for each matching chain name like this:
iptables: Bad built-in chain name.

I suggest changing this regular expression in the flush_rules function of the 
15-ip4tables and 25-ip6tables scripts:
s/^:([A-Z]+).*/\1/p

to this:
s/^:([A-Z]+) [A-Z]+ .*/\1/p

This regular expression only captures the embedded chains, excluding 
user-defined chains, in the iptables-save output text.

-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to hu_HU.UTF8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages iptables-persistent depends on:
ii  debconf [debconf-2.0]  1.5.82
ii  iptables   1.8.9-2
ii  netfilter-persistent   1.0.20

iptables-persistent recommends no packages.

iptables-persistent suggests no packages.

-- debconf information excluded

Bug#868059: tc: m_xt: Segfault with iptables-1.6.0

2017-07-11 Thread Gabor Zsoldos 
Package: iproute2
Version: 4.9.0-1
Severity: normal
Tags: patch

# tc qdisc add dev enp0s3 ingress
# tc filter add dev enp0s3 parent : protocol ip u32 match u32 0 0 flowid 
1:1 action xt -j MARK  --set-mark 0xa
Segmentation fault

This is a known and corrected bug in the mainstream.
See:
https://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git/commit/?h=v4.10.0=97a02cabefb2e2dcfe27f89943709afa84be5525

-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to hu_HU.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to 
hu_HU.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages iproute2 depends on:
ii  libc62.24-11+deb9u1
ii  libdb5.3 5.3.28-12+b1
ii  libelf1  0.168-1
ii  libmnl0  1.0.4-2
ii  libselinux1  2.6-3+b1

Versions of packages iproute2 recommends:
pn  libatm1   
ii  libxtables12  1.6.0+snapshot20161117-6

Versions of packages iproute2 suggests:
pn  iproute2-doc  

-- no debconf information