Your message dated Sat, 24 Sep 2005 00:00:55 +0200
with message-id <[EMAIL PROTECTED]>
and subject line fixed in the current version / woody-only
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 30 Oct 2004 10:47:23 +0000
>From [EMAIL PROTECTED] Sat Oct 30 03:47:23 2004
Return-path: <[EMAIL PROTECTED]>
Received: from wq174.internetdsl.tpnet.pl (padme.taniec.info) [80.55.198.174]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CNqlX-00046Y-00; Sat, 30 Oct 2004 03:47:23 -0700
Received: from localhost (localhost [127.0.0.1])
by padme.taniec.info (Postfix) with ESMTP id 34D5F47E31
for <[EMAIL PROTECTED]>; Sat, 30 Oct 2004 12:46:35 +0200 (CEST)
X-Mailbox-Line: From [EMAIL PROTECTED] Sat Oct 30 12:46:35 2004
Received: by padme.taniec.info (Postfix, from userid 1000)
id D9FBB47E21; Sat, 30 Oct 2004 12:46:34 +0200 (CEST)
From: <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: iptables-save produces bad syntax (unloadable by iptables-restore)
X-Mailer: reportbug 1.50
Date: Sat, 30 Oct 2004 12:46:34 +0200
Message-Id: <[EMAIL PROTECTED]>
X-Virus-Scanned: by AMaViS snapshot-20020222
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.4 required=4.0 tests=BAYES_00,HAS_PACKAGE,
NO_REAL_NAME autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: iptables
Version: 1.2.6a-5
Severity: grave
Tags: security
Justification: user security hole
Lets add some rule with TOS and exclamation "!"
iptables -t mangle -A INPUT -m tos --tos ! 0x0
Lets save rulesets:
/etc/init.d/iptables save t
Lets load rulesets:
/etc/init.d/iptables load t
Loading iptables ruleset: load "t"iptables-restore v1.2.6a: Bad TOS value
!Normal-Service'
Lets check file "t":
cat /var/lib/iptables
[0:0] -A INPUT -m tos --tos !Normal-Service
There is space character missing between exclamation "!" and "Normal-Service"
which causes error.
I saved my rulesets to "active", and I lost my firewall after restart of the
system.
After few days I realised that some services (normally behind firewall) are
exposed to attacks.
Best Regards
Daniel Nguyen
[EMAIL PROTECTED]
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux padme.taniec.info 2.4.27-grsec #2 SMP Wed Oct 27 13:34:56 CEST
2004 i686
Locale: LANG=C, LC_CTYPE=C
Versions of packages iptables depends on:
ii debconf 1.0.32 Debian configuration management sy
ii libc6 2.2.5-11.5 GNU C Library: Shared libraries an
---------------------------------------
Received: (at 278916-done) by bugs.debian.org; 23 Sep 2005 22:01:02 +0000
>From [EMAIL PROTECTED] Fri Sep 23 15:01:02 2005
Return-path: <[EMAIL PROTECTED]>
Received: from neualius.turmzimmer.net [217.160.169.58]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EIvbK-00008M-00; Fri, 23 Sep 2005 15:01:02 -0700
Received: from [195.60.122.97] (helo=metis.turmzimmer.net)
by neualius.turmzimmer.net with esmtp (Exim 4.50)
id 1EIvbJ-0004UP-AN
for [EMAIL PROTECTED]; Sat, 24 Sep 2005 00:01:01 +0200
Received: from [192.168.111.1] (helo=eos.turmzimmer.net)
by metis.turmzimmer.net with esmtp (Exim 4.50)
id 1EIvbJ-0007wm-3f
for [EMAIL PROTECTED]; Sat, 24 Sep 2005 00:01:01 +0200
Received: from aba by eos.turmzimmer.net with local (Exim 4.50)
id 1EIvbD-0005of-K3
for [EMAIL PROTECTED]; Sat, 24 Sep 2005 00:00:55 +0200
Date: Sat, 24 Sep 2005 00:00:55 +0200
From: Andreas Barth <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: fixed in the current version / woody-only
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Editor: Vim http://www.vim.org/
User-Agent: Mutt/1.5.9i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
Version: 1.2.11-10
Hi,
according to the package log, that's already fixed in the sarge version
...
Cheers,
Andi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
