FYI, while these kernels are reported as fixed, /usr/share/ufw/check-requirements -f still fails. Eg, on grouper JENKINS_BUILD=saucy-24:
Has python: pass (binary: python2.7, version: 2.7.5+, py2)
Has iptables: pass
Has ip6tables: pass
Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass
This script will now attempt to create various rules using the iptables
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
== IPv4 ==
Creating 'ufw-check-requirements'... done
Inserting RETURN at top of 'ufw-check-requirements'... done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: FAIL
limit: FAIL
state (NEW): FAIL
state (RELATED): FAIL
state (ESTABLISHED): FAIL
state (INVALID): FAIL
state (new, recent set): FAIL (no runtime support)
state (new, recent update): FAIL (no runtime support)
state (new, limit): FAIL
interface (input): pass
interface (output): pass
multiport: FAIL
comment: FAIL
addrtype (LOCAL): FAIL
addrtype (MULTICAST): FAIL
addrtype (BROADCAST): FAIL
icmp (destination-unreachable): pass
icmp (source-quench): pass
icmp (time-exceeded): pass
icmp (parameter-problem): pass
icmp (echo-request): pass
== IPv6 ==
Creating 'ufw-check-requirements6'... done
Inserting RETURN at top of 'ufw-check-requirements6'... done
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: FAIL
limit: FAIL
state (NEW): FAIL
state (RELATED): FAIL
state (ESTABLISHED): FAIL
state (INVALID): FAIL
state (new, recent set): FAIL (no runtime support)
state (new, recent update): FAIL (no runtime support)
state (new, limit): FAIL
interface (input): pass
interface (output): pass
multiport: FAIL
comment: FAIL
icmpv6 (destination-unreachable): pass
icmpv6 (packet-too-big): pass
icmpv6 (time-exceeded): pass
icmpv6 (parameter-problem): pass
icmpv6 (echo-request): pass
icmpv6 with hl (neighbor-solicitation): FAIL
icmpv6 with hl (neighbor-advertisement): FAIL
icmpv6 with hl (router-solicitation): FAIL
icmpv6 with hl (router-advertisement): FAIL
ipv6 rt: FAIL
FAIL: check your kernel and that you have iptables >= 1.4.0
FAIL: check your kernel and iptables for additional runtime support
FYI, while these kernels are reported as fixed, /usr/share/ ufw/check- requirements -f still fails. Eg, on grouper JENKINS_ BUILD=saucy- 24:
Has python: pass (binary: python2.7, version: 2.7.5+, py2)
Has iptables: pass
Has ip6tables: pass
Has /proc/net/dev: pass
Has /proc/net/if_inet6: pass
This script will now attempt to create various rules using the iptables requirements' ... done requirements' ... done unreachable) : pass problem) : pass
and ip6tables commands. This may result in module autoloading (eg, for
IPv6).
== IPv4 ==
Creating 'ufw-check-
Inserting RETURN at top of 'ufw-check-
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: FAIL
limit: FAIL
state (NEW): FAIL
state (RELATED): FAIL
state (ESTABLISHED): FAIL
state (INVALID): FAIL
state (new, recent set): FAIL (no runtime support)
state (new, recent update): FAIL (no runtime support)
state (new, limit): FAIL
interface (input): pass
interface (output): pass
multiport: FAIL
comment: FAIL
addrtype (LOCAL): FAIL
addrtype (MULTICAST): FAIL
addrtype (BROADCAST): FAIL
icmp (destination-
icmp (source-quench): pass
icmp (time-exceeded): pass
icmp (parameter-
icmp (echo-request): pass
== IPv6 == requirements6' ... done requirements6' ... done unreachable) : pass problem) : pass solicitation) : FAIL advertisement) : FAIL solicitation) : FAIL advertisement) : FAIL
Creating 'ufw-check-
Inserting RETURN at top of 'ufw-check-
TCP: pass
UDP: pass
destination port: pass
source port: pass
ACCEPT: pass
DROP: pass
REJECT: pass
LOG: pass
hashlimit: FAIL
limit: FAIL
state (NEW): FAIL
state (RELATED): FAIL
state (ESTABLISHED): FAIL
state (INVALID): FAIL
state (new, recent set): FAIL (no runtime support)
state (new, recent update): FAIL (no runtime support)
state (new, limit): FAIL
interface (input): pass
interface (output): pass
multiport: FAIL
comment: FAIL
icmpv6 (destination-
icmpv6 (packet-too-big): pass
icmpv6 (time-exceeded): pass
icmpv6 (parameter-
icmpv6 (echo-request): pass
icmpv6 with hl (neighbor-
icmpv6 with hl (neighbor-
icmpv6 with hl (router-
icmpv6 with hl (router-
ipv6 rt: FAIL
FAIL: check your kernel and that you have iptables >= 1.4.0
FAIL: check your kernel and iptables for additional runtime support