© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
If your iptables contains rules that use --hex-string from string module, example
iptables -A INPUT -i eth0 -p udp -m string --hex-string "|ffffffff50|" --algo bm --to 65535 -j DROP
and then you dump your iptables rules to a file with iptables-save, the rule above will be written as
-A INPUT -i eth0 -p udp -m string --hex-string"
Notice the absence of a required space before the hex-string pattern. This also cause iptables-restore to complain about the rule being invalid when importing the rules file and halt at the rule with error
This bug is reproduceable on both Precise (iptables 1.4.12-1ubuntu4) and Quantal (1.4.12-2ubuntu2)
People that automatically restores their iptables rules at boot might want to manually correct the rule in their firewall rules file if they use --hex-string