Description of problem: iptables-save corrupts the output for the "port scan detection" rule by deleting two spaces in it, making iptables-restore fail. Version-Release number of selected component (if applicable): iptables-1.4.21-3.mga5 How reproducible: Always. Confirmed by another user. Steps to Reproduce: 1. Open drakfirewall and configure it: - Open services: none - Advanced: empty, unchecked - Use Interactive firewall: checked. Port scan detection: checked. Accept the interface. 2. Save the firewall rules with iptables-save and import them with iptables-restore: # iptables-save | iptables-restore iptables-restore v1.4.21: Couldn't load match `psd--psd-weight-threshold':No such file or directory Error occurred at line: 106 Try `iptables-restore -h' or 'iptables-restore --help' for more information. ======================== Line 106 is: -A Ifw -m conntrack --ctstate INVALID,NEW -m psd--psd-weight-threshold 10 --psd-delay-threshold 10000 --psd-lo-ports-weight 2 --psd-hi-ports-weight 1 -j IFWLOG--log-prefix "SCAN" It has two errors: one space is needed after "-m psd" and another one after "-j IFWLOG". Doing this allows the import: # iptables-save | sed -e 's/-m psd-/-m psd -/;s/-j IFWLOG/-j IFWLOG /' | iptables-restore Sourcing directly the port scan detection file /etc/ifw/rules.d/psd (from mandi-1.4-1.mga5, has correct spacing), doesn't make any difference: iptables-save will delete again those spaces. Reproducible: Steps to Reproduce:
CC: (none) => marja11Assignee: bugsquad => tmb
Correction: the file /etc/ifw/rules.d/psd belongs to the package mandi-ifw-1.4-1.mga5, not to mandi-1.4.1.mga5.
Hi Sean, Thank you for having taken the needed time to report this issue! Did this bug get fixed? If so, please change its status to RESOLVED - FIXED If it didn't, then we regret that we weren't able to fix it in Mageia 5. Mageia 5 has officially reached its End of Life on December 31st, 2017 https://blog.mageia.org/en/2017/11/07/mageia-5-eol-postponed/ It only continued to get important security updates since then, because we are waiting for a big Plasma5 update in Mageia 6, that'll fix many of the Mageia 5 => 6 upgrade issues. If you haven't seen that this bug got fixed, then please check whether this bug still exists in Mageia 6. If it does, then please change the Version (near the top, at the left) to "6". If you know it exists in Cauldron, then change Version to Cauldron. If you see it in both Cauldron and Mageia 6, then please set version to Cauldron and add MGA6TOO on the Whiteboard. Thanks, Marja
No reply, so closing as OLD ==> If you didn't reset your password after February 2018, then you'll need to reset it here https://identity.mageia.org/forgot_password to be able to log in and comment in this report. <==
Resolution: (none) => OLDStatus: NEW => RESOLVED