Package: iptables
Version: 1.6.0+snapshot20161117-6
Severity: normal
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I believe the problem existed after fresh netinstall of Debian Stretch with
xfce destop but I am not sure exactly when I \
began to notice iptables problem. I added skolelinux desktop which took over
boot but is still xfce so I didn't mind. Being \
rather security conscious I'm sure I would setup iptables with rules right away.
* What exactly did you do (or not do) that was effective (or
ineffective)?
I made rules for iptables. I noticed I had problems loading the rules up at
boot. Tried netfilter-persistent, \
tried a script in rc.local maybe a couple of other efforts (installed apf,
uninstalled apf netfilter-persistent, reinstall \
iptables and netfilter-persistent...) most things I tried usually worked for a
few boots but would then would\
randomly fail. The most dependable thing I have found is to be disconnected
from the network by default and place a preprocessing iptables startup script \
in wicd which loads the rules before network is brought up. Eventually I
discovered the loaded rules would disapper after a few minutes. This \
happens whether I am browsing the internet or not or in fact not doing anything.
I just tried to gdebi the latest package iptables_1.6.1-2~bpo9+1_amd64.deb but
that was uninstallable due to an incompatible library.
Rquired outcome is of course to load the rules and depend on them to be
stable.
Debian Release: 9.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8),
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages iptables depends on:
ii libc62.24-11+deb9u3
ii libip4tc01.6.0+snapshot20161117-6
ii libip6tc01.6.0+snapshot20161117-6
ii libiptc0 1.6.0+snapshot20161117-6
ii libnetfilter-conntrack3 1.0.6-2
ii libnfnetlink01.0.1-3
ii libxtables12 1.6.0+snapshot20161117-6
iptables recommends no packages.
Versions of packages iptables suggests:
ii kmod 23-2
-- no debconf information