Package: ferm
Version: 2.4-1
Severity: normal
The output from "ferm --remote --slow" differs from run to run on the
same input file. As far as I can see, it's generating the "iptables
-P" commands in some non-deterministic order.
For example, this input file
----
table filter {
chain INPUT {
policy DROP;
mod state state (ESTABLISHED RELATED) ACCEPT;
}
chain FORWARD policy DROP;
chain OUTPUT policy ACCEPT;
}
----
generates different orderings each time it is run.
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing'), (400, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.18.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ferm depends on:
ii debconf 1.5.69
ii init-system-helpers 1.54
ii iptables 1.6.2-1.1
ii lsb-base 9.20170808
ii perl 5.26.2-7
Versions of packages ferm recommends:
ii libnet-dns-perl 1.17-1
ferm suggests no packages.
-- Configuration Files:
/etc/ferm/ferm.conf [Errno 13] Permission denied: '/etc/ferm/ferm.conf'
-- debconf information excluded
