Modify

Opened 3 years ago

Closed 3 years ago

#19031 closed defect (no_response)

iptables LOG target broken on 3.18 kernel

Reported by: Stijn Tintel <stijn@…> Owned by: developers
Priority: highest Milestone: Chaos Calmer 15.05
Component: base system Version: Trunk
Keywords: Cc:

Description

It is not possible to use the iptables LOG target with the 3.18 kernel:

root@ar0:~# iptables -I INPUT -i eth1 -j LOG
iptables: No chain/target/match by that name.

The target does exist in the kernel:

root@ar0:~# lsmod | grep -i log
xt_LOG
root@ar0:~# grep LOG /proc/net/ip_tables_targets 
LOG

I am seeing this on different targets:

  • octeon CC r43800, kernel 3.18.1
  • ar71xx CC r44486, kernel 3.18.7

This has a nasty side effect when you have a firewall zone with logging enabled. In this case, fw3 fails to install any firewall rules in the filter table, and you end up with a very broken router. I have set the priority to highest for this reason.

Attachments (0)

Change History (2)

comment:1 Changed 3 years ago by florian

Is this is still a problem in current trunk?

comment:2 Changed 3 years ago by nbd

  • Resolution set to no_response
  • Status changed from new to closed

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.