Bug#1022231: iptables-persistent: Pre-existing /etc/iptables/rules.v4 is overriten when installing
But silently overriding isn't a solution. > if you ask the package to save the rules it will save them, it is the > expected behaviour But overriding isn't expected. Then warn the user about that overriding. And one other bug is that it tries to "save rules" and ask about that even if there are not active rules. > iptables rules are order dependent I know but the user need to care about it not a package maintainer.
Bug#1022231: iptables-persistent: Pre-existing /etc/iptables/rules.v4 is overriten when installing
Hello On Sat, Oct 22, 2022 at 11:11:41AM +, Christian Buhtz wrote: Package: iptables-persistent Severity: normal I had an existing /etc/iptables/rules.v4 file on my system. In the next step I installed "iptables-persistent" and said yes to both questions about saving current existing rules. if you ask the package to save the rules it will save them, it is the expected behaviour Then the file and my rules in it where gone. That shouldn't happen. If you want your previous saved rules to be kept, just don't save the current ruleset When you want to touch that file that add content to it but not overwrite it. No, I don't want to add content; I want to "atomically" save the current ruleset, if content is added on top of the previously saved ruleset I don't know what the result can be. iptables rules are order dependent so just appending them will not work as desired most of the time. -- System Information: Debian Release: 11.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-18-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages iptables-persistent depends on: ii debconf [debconf-2.0] 1.5.77 ii iptables 1.8.7-1 pn netfilter-persistent -- IRC: gfa GPG: 0x27263FA42553615F904A7EBE2A40A2ECB8DAD8D5 OLD GPG: 0x44BB1BA79F6C6333
Bug#1022231: iptables-persistent: Pre-existing /etc/iptables/rules.v4 is overriten when installing
Package: iptables-persistent Severity: normal I had an existing /etc/iptables/rules.v4 file on my system. In the next step I installed "iptables-persistent" and said yes to both questions about saving current existing rules. Then the file and my rules in it where gone. That shouldn't happen. When you want to touch that file that add content to it but not overwrite it. -- System Information: Debian Release: 11.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-18-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages iptables-persistent depends on: ii debconf [debconf-2.0] 1.5.77 ii iptables 1.8.7-1 pn netfilter-persistent