ufw crashed with Perhaps ip6tables or your kernel needs to be upgraded. in get_netfilter_capabilities() when using ipv6.disable=1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ufw |
Fix Released
|
Medium
|
Jamie Strandboge | ||
ufw (Ubuntu) |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Quantal |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Raring |
Fix Released
|
Medium
|
Jamie Strandboge |
Bug Description
ufw is unusable on systems without ipv6 support because ufw traces back when trying to run ip6tables to determine what capabilities the system has. Currently ufw will run ip6tables unconditionally which can fail when the system is booted with ipv6.disable=1 or when iptables is compiled without ipv6 support. The proposed fix (which is available in the devel release) adjusts initcaps() in backend.py to only run get_netfilter_
[Test Case #1]
1. Add ipv6.disable=1 to GRUB_CMDLINE_
2. Reboot
3. Adjust /etc/default/ufw to have "IPV6=no"
4. Run 'sudo ufw disable ; sudo ufw enable'
5. Run 'sudo ufw disable ; sudo ufw app update all'
Steps 4 and 5 will traceback without this SRU.
[Test Case #2]
1. mv /sbin/ip6tables /sbin/ip6tables.bak
2. Adjust /etc/default/ufw to have "IPV6=no"
3. Run 'sudo ufw disable ; sudo ufw enable'
4. Run 'sudo ufw disable ; sudo ufw app update all'
Steps 3 and 4 will traceback without this SRU.
(Test Case #1 is the important test for Ubuntu and why this bug needs the SRU)
[Regression Potential]
The regression potential is considered low because the patch is simple/easy to understand and the default behavior will not change for users. ufw, iptables and the Ubuntu kernel ship with IPV6 support enabled. Ufw also has a significant testsuite and a test script in QRT for Ubuntu integration (which will include test case #2 (test case #1 is not easily automatable)).
Previous Description:
Description: Ubuntu quantal (development branch)
Release: 12.10
Codename: quantal
ufw:
Installato: 0.33-0ubuntu1
Candidato: 0.33-0ubuntu1
Tabella versione:
*** 0.33-0ubuntu1 0
500 http://
100 /var/lib/
I'm not using or starting ufw... i have a customized script to load iptables rules on this system...
ProblemType: Crash
DistroRelease: Ubuntu 12.10
Package: ufw 0.33-0ubuntu1
ProcVersionSign
Uname: Linux 3.5.0-11-generic i686
ApportVersion: 2.4-0ubuntu8
Architecture: i386
Date: Tue Aug 21 20:02:32 2012
ExecutablePath: /usr/sbin/ufw
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Release Candidate i386 (20100419.1)
InterpreterPath: /usr/bin/
PackageArchitec
ProcCmdline: /usr/bin/python3 /usr/sbin/ufw app update all
PythonArgs: ['/usr/sbin/ufw', 'app', 'update', 'all']
SourcePackage: ufw
Title: ufw crashed with Perhaps ip6tables or your kernel needs to be upgraded. in get_netfilter_
UpgradeStatus: Upgraded to quantal on 2012-08-15 (6 days ago)
UserGroups:
tags: | removed: need-duplicate-check |
Changed in ufw (Ubuntu): | |
importance: | Undecided → Medium |
Changed in ufw (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
milestone: | none → quantal-updates |
status: | Confirmed → Triaged |
Changed in ufw: | |
status: | In Progress → Fix Committed |
description: | updated |
Changed in ufw (Ubuntu Quantal): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
description: | updated |
description: | updated |
Changed in ufw (Ubuntu Raring): | |
status: | Triaged → In Progress |
Changed in ufw (Ubuntu Quantal): | |
status: | Triaged → In Progress |
Changed in ufw: | |
status: | Fix Committed → Fix Released |
People have also commented in bug #194844 and bug #1069097 that they are encountering this problem.