478224 – >=net-firewall/iptables-1.4.15 accidentally disabled recent module's reap functionality

Bug 478224 - >=net-firewall/iptables-1.4.15 accidentally disabled recent module's reap functionality

Summary: >=net-firewall/iptables-1.4.15 accidentally disabled recent module's reap fun...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Core system (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo's Team for Core System packages

URL:	http://git.netfilter.org/iptables/com...
Whiteboard:
Keywords:	PATCH

Depends on:
Blocks:

Reported:	2013-07-26 10:57 UTC by Thomas Deutschmann (RETIRED)
Modified:	2013-08-11 13:30 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Deutschmann (RETIRED) gentoo-dev

2013-07-26 10:57:34 UTC

Hi,

while preparing the upcoming shorewall-4.5.19 release for the tree, which will introduce event/trigger functionality using ip[6]tables 'recent' module, an iptables bug was uncovered:

http://thread.gmane.org/gmane.comp.security.shorewall/29850/focus=29859

Upstream fix is available at $URL

Can we get this patch applied?

Reproducible: Always

Steps to Reproduce:
1.  iptables -A %IfEvent -m recent --rcheck --second 120 --reap --hitcount 5 --name SSH --rsource -j SSH_BLACKLIST
Actual Results:  
iptables v1.4.19.1: unknown option "--reap"

Expected Results:  
No error message. "--reap" is a valid option.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2013-08-11 13:30:47 UTC

Upstream released iptables-1.4.20, which contains the fix from $URL on 6th August 2013.

iptables-1.4.20 hit Gentoo's tree on 10th August 2013.