[pkg-netfilter-team] Bug#1051592: Regression: Commit "netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID" breaks ruleset loading in linux-stable
Salvatore Bonaccorso
carnil at debian.org
Sun Sep 24 12:48:00 BST 2023
Hi Arturo,
On Sat, Sep 16, 2023 at 09:02:34AM +0200, Arturo Borrero Gonzalez wrote:
> On Sat, Sep 16, 2023, 08:37 Salvatore Bonaccorso <carnil at debian.org> wrote:
>
> > Hi
> >
> > Dropping some recipients for the Debian specific handling of this
> > issue. So AFAIU upstream will not consider this on src:linux side to
> > be further handled and needs to be addressed in nftables.
> >
> > Arturo: With the patches provided I prepared (as Timo) an update
> > targetting bookworm for the next point release (bug for release.d.o to
> > be submitted soon).
> >
> > Attached is the proposed debdiff, ans as well as MR on salsa.
> >
> >
> > https://salsa.debian.org/pkg-netfilter-team/pkg-nftables/-/merge_requests/11
> > (note not touching thte salsa-ci part was deliberate, but to make the
> > piuparts test one would need adjustment of the target release. But as
> > itwas not done for the +deb12u1 itself, I have not touched this)
> >
> > The same would be needed OTOH for bullseye as well.
>
>
> Hi Salvatore,
>
> thanks for working on this. I just approved the salsa MR
>
> Please go ahead an upload to the archive via NMU as required ASAP. I won't
> be near the keyboard today.
The work for bookworm has been done, but for bullseye: would you be
able to help here and prepare the fixes? Unfortunatlly the fixes will
not apply cleanly. If we fear to much breakage, maybe upstream can be
convinced to help?
Regards,
Salvatore
More information about the pkg-netfilter-team
mailing list