[Bug 2061891] [NEW] Noble upgrade breaks iptables-persistent and netfilter-persistent usage

Stefan Hammer 2061891 at bugs.launchpad.net
Tue Apr 16 18:53:07 UTC 2024 

Public bug reported:

Upgrade from Jammy to Noble breaks iptables-persistent and netfilter-
persistent firewall configuration if ufw is also installed pre-upgrade.


from /var/log/dist-upgrade/apt.log:
Broken ufw:amd64 Breaks on iptables-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU >
  Considering iptables-persistent:amd64 -1 as a solution to ufw:amd64 5
  Added iptables-persistent:amd64 to the remove list
  Conflicts//Breaks against version 1.0.16 for iptables-persistent but that is not InstVer, ignoring
Broken ufw:amd64 Breaks on netfilter-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU >
  Considering netfilter-persistent:amd64 0 as a solution to ufw:amd64 5
  Added netfilter-persistent:amd64 to the remove list
  Conflicts//Breaks against version 1.0.16 for netfilter-persistent but that is not InstVer, ignoring
  MarkDelete iptables-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU > FU=0
  Fixing ufw:amd64 via remove of iptables-persistent:amd64
  MarkDelete netfilter-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU > FU=0
  Fixing ufw:amd64 via remove of netfilter-persistent:amd64

ufw 0.36.2-1 add the breaks
$ apt show ufw
Package: ufw
Version: 0.36.2-6
Priority: standard
Section: admin
Origin: Ubuntu
Maintainer: Jamie Strandboge <jdstrand at ubuntu.com>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 869 kB
Depends: iptables, ucf, python3:any, debconf (>= 0.5) | debconf-2.0
Suggests: rsyslog
Breaks: iptables-persistent, netfilter-persistent
Homepage: https://launchpad.net/ufw
Task: standard
Download-Size: 169 kB
APT-Manual-Installed: no
APT-Sources: http://phx-ad-3.clouds.archive.ubuntu.com/ubuntu noble/main amd64 Packages
Description: program for managing a Netfilter firewall
 The Uncomplicated FireWall is a front-end for iptables, to make managing a
 Netfilter firewall easier. It provides a command line interface with syntax
 similar to OpenBSD's Packet Filter. It is particularly well-suited as a
 host-based firewall.

Post do-release-upgrade, iptables-persistent and netfilter-persistent
are removed, which breaks any machines that relied on their
configuration.

** Affects: ubuntu-release-notes
     Importance: Undecided
         Status: New

** Affects: ubuntu-release-upgrader (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: ubuntu-release-upgrader (Ubuntu Noble)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/2061891

Title:
  Noble upgrade breaks iptables-persistent and netfilter-persistent
  usage

Status in Release Notes for Ubuntu:
  New
Status in ubuntu-release-upgrader package in Ubuntu:
  New
Status in ubuntu-release-upgrader source package in Noble:
  New

Bug description:
  Upgrade from Jammy to Noble breaks iptables-persistent and netfilter-
  persistent firewall configuration if ufw is also installed pre-
  upgrade.

  
  from /var/log/dist-upgrade/apt.log:
  Broken ufw:amd64 Breaks on iptables-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU >
    Considering iptables-persistent:amd64 -1 as a solution to ufw:amd64 5
    Added iptables-persistent:amd64 to the remove list
    Conflicts//Breaks against version 1.0.16 for iptables-persistent but that is not InstVer, ignoring
  Broken ufw:amd64 Breaks on netfilter-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU >
    Considering netfilter-persistent:amd64 0 as a solution to ufw:amd64 5
    Added netfilter-persistent:amd64 to the remove list
    Conflicts//Breaks against version 1.0.16 for netfilter-persistent but that is not InstVer, ignoring
    MarkDelete iptables-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU > FU=0
    Fixing ufw:amd64 via remove of iptables-persistent:amd64
    MarkDelete netfilter-persistent:amd64 < 1.0.16 -> 1.0.20 @ii umU > FU=0
    Fixing ufw:amd64 via remove of netfilter-persistent:amd64

  ufw 0.36.2-1 add the breaks
  $ apt show ufw
  Package: ufw
  Version: 0.36.2-6
  Priority: standard
  Section: admin
  Origin: Ubuntu
  Maintainer: Jamie Strandboge <jdstrand at ubuntu.com>
  Bugs: https://bugs.launchpad.net/ubuntu/+filebug
  Installed-Size: 869 kB
  Depends: iptables, ucf, python3:any, debconf (>= 0.5) | debconf-2.0
  Suggests: rsyslog
  Breaks: iptables-persistent, netfilter-persistent
  Homepage: https://launchpad.net/ufw
  Task: standard
  Download-Size: 169 kB
  APT-Manual-Installed: no
  APT-Sources: http://phx-ad-3.clouds.archive.ubuntu.com/ubuntu noble/main amd64 Packages
  Description: program for managing a Netfilter firewall
   The Uncomplicated FireWall is a front-end for iptables, to make managing a
   Netfilter firewall easier. It provides a command line interface with syntax
   similar to OpenBSD's Packet Filter. It is particularly well-suited as a
   host-based firewall.

  Post do-release-upgrade, iptables-persistent and netfilter-persistent
  are removed, which breaks any machines that relied on their
  configuration.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-release-notes/+bug/2061891/+subscriptions

More information about the foundations-bugs mailing list