Your message dated Thu, 13 Feb 2020 11:49:08 +0000 with message-id <e1j2czu-0004rr...@fasolo.debian.org> and subject line Bug#951102: fixed in iptables 1.8.4-3 has caused the Debian Bug report #951102, regarding iptables-restore empty line not accepted any more (regression) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 951102: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951102 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: iptables Version: 1.8.4-2 Severity: grave Tags: security After upgrading from "1.8.3-2", iptables-restore handles empty lines differently and does not restore the rules. Thus old rulesets stored with save and then annotated for better readability (to avoid loads of "iptables -A" calls), do not load any more. As firewall data is ignored, this might break network access to machines or have unknown security impact on the current firewall ruleset. # iptables-restore --noflush <<EOF > *nat > > -A POSTROUTING -s 10.0.0.0/16 -o usb0 -j SNAT --to-source 192.168.0.1 > COMMIT > *filter > > -A INPUT -p tcp -m tcp --dport 22 -j DROP > COMMIT > EOF iptables-restore: COMMIT expected at line 2 # iptables-restore --noflush <<EOF > *nat > -A POSTROUTING -s 10.0.0.0/16 -o usb0 -j SNAT --to-source 192.168.0.1 > COMMIT > *filter > > -A INPUT -p tcp -m tcp --dport 22 -j DROP > COMMIT > EOF iptables-restore: COMMIT expected at line 5
--- End Message ---
--- Begin Message ---Source: iptables Source-Version: 1.8.4-3 We believe that the bug you reported is fixed in the latest version of iptables, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 951...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Arturo Borrero Gonzalez <art...@debian.org> (supplier of updated iptables package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 13 Feb 2020 12:20:19 +0100 Source: iptables Architecture: source Version: 1.8.4-3 Distribution: unstable Urgency: medium Maintainer: Debian Netfilter Packaging Team <pkg-netfilter-t...@lists.alioth.debian.org> Changed-By: Arturo Borrero Gonzalez <art...@debian.org> Closes: 949518 949576 951102 Changes: iptables (1.8.4-3) unstable; urgency=medium . [ Alberto Molina Coballes ] * [d87a98a] libiptc-dev: add Breaks and Replaces fields (Closes: #949576) . [ Arturo Borrero Gonzalez ] * [c66f003] d/patches: add 0000-upstream-xtables-restore-empty-lines.patch (Closes: #949518, #951102) Checksums-Sha1: 6855e5a47a33d16db736cb1e230e07a6260abe36 2719 iptables_1.8.4-3.dsc 2bd50da76dc5f6d2a0a5ab19b1309256b5b9541a 65296 iptables_1.8.4-3.debian.tar.xz 665a9e5c2d210c244c4829267e7839a28078acad 8930 iptables_1.8.4-3_amd64.buildinfo Checksums-Sha256: 0d0c9ae69f984d7ad8aef1f4361e56b01dfbb3908f2640644b02c62c0623f723 2719 iptables_1.8.4-3.dsc 1d7018909d55f4f578f811ee5eff7591d91af79a6283a947d1c8c2c5f5a4ffab 65296 iptables_1.8.4-3.debian.tar.xz 246db2f866719056a6151bbf012009e37f17dab73cb32f1c3d1bceb9aaa8e854 8930 iptables_1.8.4-3_amd64.buildinfo Files: b1c340a45b30e219f0699556ee025b4e 2719 net optional iptables_1.8.4-3.dsc f5ecfac4e9b237523918d4455a048328 65296 net optional iptables_1.8.4-3.debian.tar.xz 6ed24d046354ea4bc3e1183aaae47f4e 8930 net optional iptables_1.8.4-3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE3ZhhqyPcMzOJLgepaOcTmB0VFfgFAl5FMmwACgkQaOcTmB0V FfhnwA//VpbUjvSYQkdTxP97m1/1g1KZPcoGUgzN0Xt+qNhyjgUBbfKaqzsUSZMu 2ej6+4xZ+qFjKolOdnkNew/rE4BUk3mH74cKQQKChBT5ud0tNKMZru8XeVNHbUBT ajBwDrHHusdhnEod2wODH2Ip4UurkXSVgY3eeDSLLrvMYMaAqkchznSj6r693ks3 PSw+S8zDYlYO5sMIWB4B52TCuOqtmCOl2THaRt4e3+kSG6PfotgCAQdMhQ/Ki6ka XIN6dA04MGt+YJlBEBbMpAmamN6QPPgMZjCSv8nWpJKjy5nN0YCrEb+f0NjLrhtn EKGAu2bAUAbsSGZUz4rQwJjMIqPbRKpYOhfpX5UYg9E/xS4AKuIg07aNSH6xtsQe cwQ6IUHt/I5LcopQfDEXJdcvInT42cVLNXCrET4U4g+cJ5Naiqery6gBOUCmPl/g R0nS3wYVooW4/CT+7iS0UxtgDEXkNyLQl5uRGX8qS/Rzmp6gJbDdEGA5xxUr4Oxv hi1OKxFQ0YB24+Zj5dEBWBTwoa5C6KYiUwYNB3gmNgtQNAExZsZTolkHO8z5Gt5/ nUOgkCMrwqguBfA4xqu4DmVnGU9reTw3wfX6fpzSUXNaxNwp+o1irqAFXUycMqor YHDajXk8I7g2XRDrea4L08cZbGhJ05h/oUOCB52MrHabdemECEw= =EGai -----END PGP SIGNATURE-----
--- End Message ---
