Modify

Opened 6 years ago

Last modified 4 years ago

#10319 new defect

fw stop/reload generate errors: iptables v1.4.6: Couldn't load target `zone_tunnel_MSSFIX':File not found

Reported by: SummerTown <gmshake@…> Owned by: developers
Priority: normal Milestone: Chaos Calmer 15.05
Component: base system Version: Backfire 10.03.1 RC5
Keywords: firewall Cc:

Description

With the new version of Backfire(r28671), I get this error when reload firewall rules or stop firewall:

iptables v1.4.6: Couldn't load target `zone_tunnel_MSSFIX':File not found

Try `iptables -h' or 'iptables --help' for more information.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.

config file (/etc/config/firewall):

config zone
        option name     tunnel
        option network  tunnel
        option input    REJECT
        option output   ACCEPT
        option forward  ACCEPT
        option mtu_fix  1
        option family   ipv6

I noticed that the change in r28671 did not check family when mtu_fix is set

Index: branches/backfire/package/firewall/files/lib/core.sh
===================================================================
--- a/branches/backfire/package/firewall/files/lib/core.sh
+++ b/branches/backfire/package/firewall/files/lib/core.sh
@@ -68,4 +68,10 @@
                                 INTERFACE="$n" DEVICE="$i" /sbin/hotplug-call firewall
                 done
+
+                config_get i core "${z}_tcpmss"
+                [ "$i" == 1 ] && {
+                        fw del i m FORWARD zone_${z}_MSSFIX
+                        fw del i m zone_${z}_MSSFIX
+                }
         done

Here is my fix:

Index: package/firewall/files/lib/core.sh
===================================================================
--- package/firewall/files/lib/core.sh	(revision 28671)
+++ package/firewall/files/lib/core.sh	(working copy)
@@ -70,8 +70,16 @@
 
 		config_get i core "${z}_tcpmss"
 		[ "$i" == 1 ] && {
-			fw del i m FORWARD zone_${z}_MSSFIX
-			fw del i m zone_${z}_MSSFIX
+			config_get i core "${z}_ipv4"
+			[ "$i" == 1 ] && {
+				fw del 4 m FORWARD zone_${z}_MSSFIX
+				fw del 4 m zone_${z}_MSSFIX
+			}
+			config_get i core "${z}_ipv6"
+			[ "$i" == 1 ] && {
+				fw del 6 m FORWARD zone_${z}_MSSFIX
+				fw del 6 m zone_${z}_MSSFIX
+			}
 		}
 	done

Attachments (1)

core.sh.diff (658 bytes) - added by SummerTown <gmshake@…> 6 years ago.

Download all attachments as: .zip

Change History (2)

Changed 6 years ago by SummerTown <gmshake@…>

comment:1 Changed 4 years ago by jow

  • Milestone changed from Backfire 10.03.2 to Chaos Calmer (trunk)

Milestone Backfire 10.03.2 deleted

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.