[Bug 544984] Re: netfilter xt_recent --rcheck fails to match

Colm Buckley colm at tuatha.org
Tue Mar 23 23:13:38 UTC 2010


The attached script (recent.sh) demonstrates the bug; it sets up an
iptables rule to log packets which match an entry in an xt_recent table
and then causes some traffic which should fire the rule.

On Karmic (correct behaviour), the output is:

Linux 2.6.31-20-server #58-Ubuntu SMP Fri Mar 12 05:40:05 UTC 2010
Testing list table follows (should have 1 line) :
src=127.0.0.2 ttl: 0 last_seen: 4294976129 oldest_pkt: 1 4294976129
---end
Connecting to 127.0.0.2...
Connecting to 127.0.0.3...
Looking for 127.0.0.2 logged packets (should be >0) : 2
Looking for 127.0.0.3 logged packets (should be 0) : 0

Note that it correctly finds two logged packets in dmesg.

On Lucid (incorrect behaviour), the output is:

Linux 2.6.32-17-generic #26-Ubuntu SMP Fri Mar 19 23:58:53 UTC 2010
Testing list table follows (should have 1 line) :
src=127.0.0.2 ttl: 0 last_seen: 4294918907 oldest_pkt: 1 4294918907
---end
Connecting to 127.0.0.2...
Connecting to 127.0.0.3...
Looking for 127.0.0.2 logged packets (should be >0) : 0
Looking for 127.0.0.3 logged packets (should be 0) : 0

Note that no packets are logged in dmesg, demonstrating that the
--rcheck rule has failed to fire.


** Attachment added: "Script to demonstrate the problem."
   http://launchpadlibrarian.net/41783982/recent.sh

-- 
netfilter xt_recent --rcheck fails to match
https://bugs.launchpad.net/bugs/544984