Ubuntu
linux package

NETFILTER kernel configuration should be consistent for i386, amd64 and lpia

Bug #357768 reported by Brad Figg
2
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
High
Brad Figg
Karmic
Fix Released
High
Brad Figg

Bug Description

This is essentially bug#355291 but for Karmic. It is filed separately because #355291 for jaunty has been fixed-released and the same changes need to be made for Karmic and tracked.

From bug#355291:
The 'recent' module of iptables is broken on lpia because the kernel is compiled without CONFIG_NETFILTER_XT_MATCH_RECENT. This is a regression over Intrepid:

$ grep RECENT ./config-2.6.2*
./config-2.6.27-4-lpia:CONFIG_IP_NF_MATCH_RECENT=m
./config-2.6.28-11-lpia:# CONFIG_NETFILTER_XT_MATCH_RECENT is not set

$ cat /proc/version_signature
Ubuntu 2.6.28-11.40-lpia
$ sudo iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set
iptables: No chain/target/match by that name

Ufw uses this module when using the LIMIT command, which causes the firewall to not load on boot due to iptables-restore failing. Ufw users are only affected when using LIMIT rules.

Brad Figg (brad-figg)
Changed in linux (Ubuntu):
assignee: nobody → brad-figg
status: New → In Progress
Brian Murray (brian-murray)
tags: added: regression-potential
Steve Beattie (sbeattie)
Changed in linux (Ubuntu Karmic):
importance: Undecided → High
Andy Whitcroft (apw)
Changed in linux (Ubuntu Karmic):
status: In Progress → Fix Committed
Revision history for this message
Andy Whitcroft (apw) wrote :

This was actually included in the origin 2.6.30 upload but was missed in the changelog. Moving Fix Released.

Changed in linux (Ubuntu Karmic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.