[pkg-netfilter-team] Bug#950535: Bug#950535: iptables-restore segfaults on nat table

Christoph Martin martin at uni-mainz.de
Thu Feb 13 10:03:33 GMT 2020


Hi Alberto,

On 13.02.20 at 10:11, Alberto Molina Coballes wrote:
> 
> Is this ruleset a real one obtained from ufw? I ask because the next one
> doesn't result in segfault:
> 
> *nat
> -F PREROUTING
> -F POSTROUTING
> -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194
> COMMIT
> 
> I don't understand the rule "-F PREROUTING" after a "-A ..." one. It
> seems that the segfault happens in this specific case (it's a bug of
> course, but not a bug with grave severity).

Actually I stripped it down to these lines, because this is the minimum
set of rules which makes it crash.

In my UFW before.rules files I have several PREROUTING and POSTROUTING
rules with a -F before the -A rules block in the nat table.

Christoph
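
A pre-flight check for the ordering discussed in this thread (a `-F` on a chain that comes after an `-A` to the same chain inside one table block), as an added example that is not part of the original message or of iptables. The function name and the sample ruleset are constructed for illustration.

```python
APPEND = {"-A", "--append", "-I", "--insert"}
FLUSH = {"-F", "--flush"}

def find_flush_after_append(ruleset_text):
    """Report each -F that follows an -A/-I on the same chain in one table block.

    Returns a list of (flush_line, table, chain, append_line) tuples.
    """
    findings = []
    table, appended = None, {}           # appended: chain -> line of first -A/-I
    for line_no, raw in enumerate(ruleset_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#:":  # comments and ":CHAIN POLICY" lines
            continue
        if line.startswith("*"):         # "*nat" opens a new table block
            table, appended = line[1:], {}
            continue
        if line == "COMMIT":             # end of the current table block
            table, appended = None, {}
            continue
        tokens = line.split()
        if tokens[0].startswith("["):    # optional "[pkts:bytes]" counters
            tokens = tokens[1:]
        if not tokens:
            continue
        op = tokens[0]
        chain = tokens[1] if len(tokens) > 1 and not tokens[1].startswith("-") else None
        if op in APPEND and chain:
            appended.setdefault(chain, line_no)
        elif op in FLUSH:
            # "-F" without a chain name flushes every chain in the table
            for name in ([chain] if chain else sorted(appended)):
                if name in appended:
                    findings.append((line_no, table, name, appended[name]))
    return findings

# Constructed sample: two rule blocks for one chain, each opening with its own flush.
SAMPLE = """\
*nat
-F PREROUTING
-A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 1194
-F PREROUTING
-A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
"""

if __name__ == "__main__":
    for flush_line, table, chain, append_line in find_flush_after_append(SAMPLE):
        print(f"line {flush_line}: -F {chain} in *{table} follows -A on line {append_line}")
```

A ruleset that the check flags can be reordered so that all flushes for a table come before its first `-A`, which is the shape of the ruleset quoted above that does not crash.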
