after upgrade to 1871 kernel and iptables 1.3.4-3 I have problems with iptables. Actually I made a localupdate when 1869 and 1871 were in place. I didn't notice that yum proposed to deinstall 1869 and reinstall 1871. I had these messages when overwriting my running kernel: [root@fedora fedora]# less /tmp/yum.log Installing: kernel ####################### [18/70]
/var/tmp/rpm-tmp.64393: line 1: 3235 Segmentation fault /usr/sbin/module_upgrade 2.6.15-1.1871_FC5 [snip] Installing: kernel-smp ####################### [25/70] /var/tmp/rpm-tmp.86392: line 1: 3829 Segmentation fault /usr/sbin/module_upgrade 2.6.15-1.1871_FC5smp [snip]
Cleanup : pirut ####################### [64/70] Could not parse file '/usr/share/applications/redhat-ekiga.desktop': Failed to open file '/usr/share/applications/redhat-ekiga.desktop': No such file or directory Removing : openh323 ####################### [65/70]
Now iptables give these errors: [root@fedora fedora]# service iptables restart Flushing firewall rules: iptables: loop hook 0 pos 0 00000021. iptables: Too many levels of symbolic links iptables: loop hook 0 pos 0 00000021. iptables: Too many levels of symbolic links [FAILED] Setting chains to policy ACCEPT: nat iptables: Invalid argument [FAILED] Unloading iptables modules: Removing netfilter NETLINK layer. [ OK ] Applying iptables firewall rules: ip_tables: (C) 2000-2006 Netfilter Core Team Netfilter messages via NETLINK v0.30. ip_conntrack version 2.4 (8191 buckets, 65528 max) - 232 bytes per conntrack iptables-restore v1.3.4: Can't set policy `POSTROUTING' on `ACCEPT' line 4: Bad built-in chain name
[FAILED]
Any hint? No changes made at /etc/sysconfig/iptables file. [root@fedora fedora]# rpm -q --changelog iptables|head -20
* Tue Jan 24 2006 Thomas Woerner twoerner@redhat.com 1.3.4-3 - added important iptables header files to devel package
* Fri Dec 09 2005 Jesse Keating jkeating@redhat.com - rebuilt
tor, 26 01 2006 kl. 10:33 -0800, skrev Gianluca Cecchi:
Any hint? No changes made at /etc/sysconfig/iptables file.
As I understand this is a known issue with the kernel
- David
Great!! :-) Can't live without a firewall... But in iptable or kernel ?
//VD
Dave Jones wrote on 01/26/2006 11:15 PM:
On Thu, Jan 26, 2006 at 07:43:04PM +0100, David Nielsen wrote:
tor, 26 01 2006 kl. 10:33 -0800, skrev Gianluca Cecchi:
Any hint? No changes made at /etc/sysconfig/iptables file.
As I understand this is a known issue with the kernel
Should be fixed in tomorrows build.
Dave
David Nielsen wrote:
tor, 26 01 2006 kl. 10:33 -0800, skrev Gianluca Cecchi:
Any hint? No changes made at /etc/sysconfig/iptables file.
As I understand this is a known issue with the kernel
- David
Just to track down more info, did this affect any of the FC4 kernels? I had a box run into all sorts of netfilter problems during network I/O this morning and it locked hard, each time after a reboot. 'chkconfig iptables off' finally got things stable again.
I was running kernel-2.6.15-1.1831_FC4 on i386 with current updates on everything relevant (as far as I can determine what was relevant in this case...)
Thanks! -Brenton Rothchild