
Bug 478224

Summary: >=net-firewall/iptables-1.4.15 accidentally disabled recent module's reap functionality
Product: Gentoo Linux
Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: [OLD] Core system
Assignee: Gentoo's Team for Core System packages <base-system>
Status: RESOLVED FIXED
Severity: normal
Keywords: PATCH
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: http://git.netfilter.org/iptables/commit/?id=8cf6fb833840d794289f2abf04b2c5cade5a37bf
Whiteboard:
Package list:
Runtime testing required: ---

Description Thomas Deutschmann (RETIRED) gentoo-dev 2013-07-26 10:57:34 UTC
Hi,

while preparing the upcoming shorewall-4.5.19 release for the tree, which will introduce event/trigger functionality using the ip[6]tables 'recent' module, an iptables bug was uncovered:

http://thread.gmane.org/gmane.comp.security.shorewall/29850/focus=29859

Upstream fix is available at $URL

Can we get this patch applied?

Reproducible: Always

Steps to Reproduce:
1. iptables -A %IfEvent -m recent --rcheck --second 120 --reap --hitcount 5 --name SSH --rsource -j SSH_BLACKLIST

Actual Results:
iptables v1.4.19.1: unknown option "--reap"

Expected Results:
No error message. "--reap" is a valid option.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2013-08-11 13:30:47 UTC
Upstream released iptables-1.4.20, which contains the fix from $URL, on 6th August 2013.

iptables-1.4.20 hit Gentoo's tree on 10th August 2013.