ebtables-restore error "Bad table name 'filter'"

Bug #1672276 reported by Alex Topchiy
52
This bug affects 9 people
Affects Status Importance Assigned to Milestone
ebtables (Ubuntu)
Fix Released
High
Unassigned
Xenial
Won't Fix
Undecided
Unassigned
Yakkety
Won't Fix
Undecided
Unassigned
Zesty
Won't Fix
Undecided
Unassigned
Bionic
Triaged
Undecided
Unassigned

Bug Description

ubuntu server 16.04.1 ethernet bridge + ebtables

Standard use.
ebtables-save > txt1.txt

I get this file.

# Generated by ebtables-save v1.0 on Fri Mar 10 16:11:58 MSK 2017
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
-A FORWARD -p IPv4 -o enp0s9 --ip-dst 192.168.1.41 --ip-proto tcp -j DROP

I do not modify this file.

I drop the chains.
ebtables -F

I try to restore a configuration from a file I receive an error.
ebtables-restore < txt1.txt
Bad table name 'filter'.

It seems that ebtables-restore does not support the files that ebtables-save generates.

madbiologist (me-again)
tags: added: xenial
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ebtables (Ubuntu):
status: New → Confirmed
Revision history for this message
Joshua Powers (powersj) wrote :

This appears to exist on Xenial, Yakkety, and Zesty. Brought up a quick LXD using the ubuntu-daily images and reproduced it in each.

tags: added: yakkety zesty
Revision history for this message
ktf (mvanb1) wrote :

Is there a workaround or a way to make a file that ebtables-restore does accept, by hand for example?

Changed in ebtables (Ubuntu):
importance: Undecided → High
Revision history for this message
Joshua Powers (powersj) wrote :

@ktf the only other report of this I could find was someone doing the restore manually here:
http://knoffhoff.tumblr.com/post/59967875099/how-to-save-and-load-ebtables-rules

Use at your own risk as I have yet to test that.

Revision history for this message
Nish Aravamudan (nacc) wrote :

# ebtables-restore < txt1.txt
Bad table name 'filter'.
# ebtables -t filter -L
Bridge table: filter

Bridge chain: INPUT, entries: 0, policy: ACCEPT

Bridge chain: FORWARD, entries: 0, policy: ACCEPT

Bridge chain: OUTPUT, entries: 0, policy: ACCEPT

So i think this is a bug, probably upstream?

Heh, looks like upstream recently deleted this file: https://git.netfilter.org/ebtables/commit/?id=826faffa38de8ce55bb32cd1549fb732229fd80f but I think it's unrelated. In any case, we should probably try to build from source on a victim LXD and debug it a bit further.

Changed in ebtables (Ubuntu):
status: Confirmed → Triaged
Joshua Powers (powersj)
tags: added: needs-upstream-report
Revision history for this message
Immo (iwetzel) wrote :

any news on this

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

@Nish / @Josh - you worked on this before, was there any upstream report already that might be missing or is this waiting for someone to actually report it first (also pinging on IRC about it)?

Revision history for this message
Joshua Powers (powersj) wrote :

I don't believe there was an upstream report, however it looks like ebtables-restore was removed from the upstream repo here:

https://git.netfilter.org/ebtables/commit/?id=826faffa38de8ce55bb32cd1549fb732229fd80f

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Some sort of initialization is missing:

96 struct ebt_u_table *ebt_find_table(const char *name)
97 {
98 struct ebt_u_table *t = ebt_tables;
99
100 while (t && strcmp(t->name, name)) {
101 printf("t->name: %s name: %s", t->name, name);
(gdb) n
98 struct ebt_u_table *t = ebt_tables;
(gdb) n
100 while (t && strcmp(t->name, name)) {
(gdb) p t
$1 = (struct ebt_u_table *) 0x0
(gdb) p name
$2 = 0x602100 <replace> "filter"
(gdb) p ebt_tables
$3 = (struct ebt_u_table *) 0x0

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ebtables (Ubuntu Xenial):
status: New → Confirmed
Changed in ebtables (Ubuntu Yakkety):
status: New → Confirmed
Changed in ebtables (Ubuntu Zesty):
status: New → Confirmed
Revision history for this message
Glauber Ferreira (alphardbr) wrote :

It's been like 2 years, any news on this?
Also affects bionic.

Revision history for this message
Paride Legovini (paride) wrote :

This seems to be fixed in Focal, where all the tooling is based on nftables:

root@focal # ebtables-save | tee dump.txt
# Generated by ebtables-save v1.8.4 on Thu Apr 30 19:03:09 2020
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
# Completed on Thu Apr 30 19:03:09 2020
root@focal# ebtables -F
root@focal# ebtables-restore < dump.txt
root@focal#

Changed in ebtables (Ubuntu Xenial):
status: Confirmed → Triaged
Changed in ebtables (Ubuntu Bionic):
status: New → Triaged
Changed in ebtables (Ubuntu Yakkety):
status: Confirmed → Won't Fix
Changed in ebtables (Ubuntu Zesty):
status: Confirmed → Won't Fix
Changed in ebtables (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
Miriam España Acebal (mirespace) wrote :

Hi,

I hit this old bug while doing some clearance.

Xenial reached EOSS (End of Standard Support) so I'm afraid it can't be fixed. It is unfortunate that we were unable to resolve this defect, however, there appears to be no further action possible at this time because it's not a security bug.

For Bionic the bug is still present. I took a look at the different commits between Focal's version (bug fixed) and Bionic's one here [1] but, at first glance, there is no isolated commit for the fix, so a deeper investigation has to be made to estimate how many changes it would imply without getting too close to the whole next fixed release.

https://git.netfilter.org/ebtables/log/?h=ebtables-2.0.11&showmsg=1

Changed in ebtables (Ubuntu Xenial):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers