iptables-persistent update clobbers existing rules
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
iptables-persistent | New | Undecided | Unassigned |
Bug Description
Running a minimal Ubuntu 20.04 on a server. The server has iptables-persistent installed and also uses iptables rules loaded in stages after boot or by various daemons to control multiple internal networks, spam, and stop attacks on the server.
I just did an upgrade which updated iptables-persistent to 1.0.14ubuntu1. When this update was applied it totally trashed the iptables rules including hundreds of existing active entries in the kernel and the file at /etc/iptables/
I don't think iptables-persistent should ever change any existing configuration files or change the existing rules in the kernel, especially without asking. This was unexpected behavior that could have led to a security breach.
Am I using iptables-persistent wrong?
description: | updated |
Changed in sbcl: | |
status: | New → Invalid |
status: | Invalid → New |
affects: | sbcl → ubuntu-ubuntu-server |
description: | updated |
affects: | ubuntu-ubuntu-server → iptables-persistent |
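
One way to detect the failure mode reported above is to snapshot the live ruleset with `iptables-save` before a package upgrade and compare it with a second snapshot taken afterwards. The script below is an added example, not part of the bug report or of iptables-persistent; the function names, the `/root/rules.*` paths and the sample snapshots are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare two iptables-save snapshots and list rules that vanished.
# Intended use around a package upgrade (run as root):
#   iptables-save > /root/rules.before ; (upgrade) ; iptables-save > /root/rules.after
#   lost_rules /root/rules.before /root/rules.after
# The /root/rules.* paths are placeholders chosen for this example.

# Reduce a snapshot to one "table rule" line per entry, dropping comments,
# COMMIT markers and packet/byte counters so only real rule changes differ.
normalize_rules() {
    awk '
        /^#/ || /^COMMIT$/ || /^[ \t]*$/ { next }
        /^\*/ { table = substr($0, 2); next }
        {
            sub(/^\[[0-9]+:[0-9]+\][ \t]*/, "")   # rule counters (iptables-save -c)
            sub(/[ \t]*\[[0-9]+:[0-9]+\]$/, "")   # chain policy counters
            print table " " $0
        }
    ' "$1" | LC_ALL=C sort -u
}

# Print every rule or chain policy present in snapshot $1 but missing from $2.
lost_rules() {
    b=$(mktemp) && a=$(mktemp) || return 2
    normalize_rules "$1" > "$b"
    normalize_rules "$2" > "$a"
    LC_ALL=C comm -23 "$b" "$a"
    rm -f "$b" "$a"
}

# Constructed sample snapshots (not taken from the bug report).
write_constructed_samples() {
    cat > "$1/before" <<'EOF'
# Generated by iptables-save
*filter
:INPUT DROP [12:3456]
:FORWARD ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.0.2.10/32 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
    cat > "$1/after" <<'EOF'
# Generated by iptables-save
*filter
:INPUT ACCEPT [99:100]
:FORWARD ACCEPT [5:6]
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
}
```

Any output from `lost_rules` means rules or chain policies that were active before the upgrade are no longer loaded; counter changes alone produce no output.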