upstream break: 0bfcb7b71e735560077a42847f69597ec7dcc326 netfilter: xtables: avoid NFPROTO_UNSPEC where needed
Upstream fix: 306ed1728e8438caed30332e1ab46b28c25fe3d8 netfilter: xtables: fix typo causing some targets not to load on IPv6 Sample error message: ip6tables-restore v1.8.7 (nf_tables): unknown option "--nflog-group" (came here to add the missing keywords - search does not find this bug affecting NFLOG TRACE MARK targets) ** Summary changed: - iptables incompatibility + iptables NFLOG TRACE MARK incompatibility -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2104282 Title: iptables NFLOG TRACE MARK incompatibility Status in linux package in Ubuntu: Confirmed Status in linux source package in Noble: Fix Committed Bug description: After upgrading to linux-image-6.8.0-56-generic my RKE2 based kubernetes cluster on Ubuntu 24.04.2 LTS started having some problems. The kubeproxy pods started crashlooping with an error that said "Failed to execute iptables-restore" err=<exit status 2: Warning: Extension MARK revision 0 not supported, missing kernel module? ip6tables-restore v1.8.9 (nf_tables): unknown option "--xor-mark" Bringing the kernel back to linux-image-6.8.0-55-generic immediately solved the issue. Booting it back to linux-image-6.8.0-56-generic brought it back. Had to test again to be certain as there was other changes to the cluster in the last few hours. cat /proc/version_signature: Ubuntu 6.8.0-55.57-generic 6.8.12 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2104282/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
