Summary: | net-firewall/iptables-1.3.5-r4 - double free on rules load | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Christian Anthon <anthon> |
Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED WORKSFORME | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Christian Anthon
2007-06-17 19:58:06 UTC
The offending line is commented out in the attached script. It is obviously this script I mean iptables -X iptables -F iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -s 192.168.2.0/255.255.255.0 -j ACCEPT iptables -A INPUT -p tcp -m multiport --dports 22,80,443,51321 -m tcp -j ACCEPT iptables -A INPUT -p udp --dport 51321 -m udp -j ACCEPT #iptables -A INPUT -p udp --dport 51321 -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -m limit --limit 10/min -j LOG In reply to comment #0) emerge --info please. It is an amd64 running 32 bit gentoo, should that matter. Portage 2.1.2.7 (default-linux/x86/2007.0, gcc-4.1.2, glibc-2.5-r3, 2.6.20-gentoo-r8 i686) ================================================================= System uname: 2.6.20-gentoo-r8 i686 AMD Athlon(tm) 64 Processor 3500+ Gentoo Base System release 1.12.9 Timestamp of tree: Fri, 15 Jun 2007 07:30:10 +0000 ccache version 2.4 [enabled] dev-java/java-config: 1.3.7, 2.0.32 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r7 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=k8 -ggdb -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -march=k8 -ggdb -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="ccache distlocks metadata-transfer nostrip parallel-fetch sandbox sfperms strict" GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ http://ftp.uni-erlangen.de/pub/mirrors/gentoo ftp://ftp.uni-erlangen.de/pub/mirrors/gentoo " LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LINGUAS="en da de" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowext X aac acl alsa apache2 apm bash-completion berkdb bitmap-fonts bogofilter branding bzip2 cairo cdparanoia cdr cli cracklib crypt cups dbus doc dri dvd dvdr dvdread emacs esd expat ffmpeg firefox flac fortran gcj gd gdbm gif gimpprint gmp gnome gpm graphviz gs gstreamer gtk gtkhtml hal iconv imlib isdnlog java jpeg kde libg++ mad midi mmx mmxext mp3 mpeg mudflap ncurses nls nptl nptlonly nsplugin nvidia offensive ogg opengl openmp oss pam pcre perl pic png pppd python qt3 qt3support qt4 quicktime readline real reflection sdl session spell spl sqlite sse sse2 ssl suid svg t1lib tcpd tetex tiff truetype truetype-fonts type1-fonts unicode usb vorbis win32codecs wmf x86 xine xml xorg xpm xprint xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en da de" USERLAND="GNU" VIDEO_CARDS="nvida nv vesa" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY Reopen. so why dont you try iptables-1.3.7 re-open if it doesnt work with 1.3.8 |