I am new to reporting debian bugs so I follow your advice concerning the
severity ;-)
changing systemd-files was also my solution (creating a dependency)
better would be if netfilter-persistent would move to a point in boot when no
other iptables-touching software would run, but idk if this is
Le mardi 19 janvier 2021 à 11:20:41+0100, Ludwig Gramberg a écrit :
> Hi Pierre-Elliot,
>
> it’s not that you lose rules set by lxc-net, you basically have a
> race-condition.
>
> lxc-net is setting rules directly by calling iptables commands,
> setting one rule at a time. iptables-persistent o
Hi Pierre-Elliot,
it’s not that you lose rules set by lxc-net, you basically have a
race-condition.
lxc-net is setting rules directly by calling iptables commands, setting one
rule at a time.
iptables-persistent on the other hand is using the iptables-restore command and
these don’t mix.
If an
Control: severity -1 important
Control: tags -1 +stretch
Le vendredi 30 octobre 2020 à 16:10:09+0100, Ludwig Gramberg a écrit :
> when lxc-net and netfilter/iptables-persistent are installed the start-up
> script
> in lxc-net uses iptables-commands while iptables-restore is used by
> netfilter-p
Package: lxc
Version: 1:2.0.7-2+deb9u2
Severity: grave
Tags: security
Justification: user security hole
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
when lxc-net and netfilter/iptables-persistent are installed the start-up script
in lxc-net uses
5 matches
Mail list logo
